[OpenID] openid, foaf and attribute exchange

Mon Jul 30 18:17:02 UTC 2007

Moving the random, temporary location of a FOAF file does make sense  
with AX.

The FOAF crowd was pretty discouraged when it became clear that a  
public FOAF file was NOT something most people would want heavily  
populated with data.

-- Dick

On 30-Jul-07, at 11:04 AM, Recordon, David wrote:

> One thing to think about is that the Attribute Exchange spec could be
> used to do nothing more than move around a FOAF file, vCard, etc as  
> one
> of the attributes.
>
> Great feedback though.
>
> Thanks,
> --David
>
> -----Original Message-----
> From: general-bounces at openid.net [mailto:general- 
> bounces at openid.net] On
> Behalf Of Story Henry
> Sent: Wednesday, July 25, 2007 3:06 AM
> To: general at openid.net
> Cc: foaf-dev
> Subject: [OpenID] openid, foaf and attribute exchange
>
> In my post "foaf and openid" [1] Mathew asked:
>
> "Is there a way to get this information just in the normal course of
> things through Attributes in the OpenID spec?"
>
> I read up about attribute exchange and responded this:
>
> I searched the openid site and found the Openid attribute exchange
> draft, which describes a proposed way to do this by querying the
> Identity Provider (https://openid.sun.com/openid/service in my
> example) for attributes. It also defines a method for storing  
> attributes
> there.
> I see three problems with this:
>
>    - It ties the identity provider to the identity. The nice thing  
> about
> OpenId, is that it separates the role of the identity provider and the
> identity. This allows one to have an id (I could use http://
> bblfish.net/) and change identity provider over time, as I change job
> for example, or even have a number of different ones at the same time.
> The OpenId attribute exchange is overloading the identity provider
> (which is really an identity verifier) functionality relating to
> identity description.
>    - It does not feel RESTful. If something is to return  
> information it
> should have a URL. Here there is very clearly overlapping of  
> concerns as
> explained above. What is the url for information for one identity  
> here?
> I have a large alarm bell ringing when I read sections such as: "Fetch
> message" and "store message". Is that not the equivalent of HTTP  
> GET and
> PUT?
>    - duplicating effort. This spec is inventing a metadata format, a
> query language and storage API, which is a lot of work. These things
> have been done before:
>       + metadata framework: as shown above RDF does this very well
> already. It has a very powerful semantics, has gone through years of
> review by some of the best thinkers in the world, is extensible, self
> describing, etc, etc... having to learn another special convention as
> proposed here, is one more unnecessary piece of work.
>       + query language: SPARQL though not yet finished does everything
> that is needed here as shown in the example above
>       + storage: this could be done using a number of well known
> technologies, such as ftp, scp, Atom Protocol, or even WebDav.  
> AtomP and
> WebDav are even nicely RESTful.
>
> A simple link to a foaf file as described in this article covers most
> uses cases, and is incredibly flexible. If one wants to have different
> personas, one should probably use different openids anyway, since  
> as the
> foaf people have correctly defined it foaf:openid is an inverse
> functional property. So if someone knows that
>
> _:niceJoe a foaf:Person;
>           foaf:openid <http://joe.openid.eg/>;
>           foaf:nick "joey";
>           foaf:email <mailto:nicejoe at love.eg> .
>
> and also knows that
>
> _:badJoe a foaf:Person;
>           foaf:openid <http://joe.openid.eg/>;
>           foaf:nick "bj";
>           foaf:email <mailto:badjoe at bondage.eg> .
>
> Then they know that
>
> [] a foaf:Person;
>           foaf:openid <http://joe.openid.eg/>;
>           foaf:nick "joey";
>           foaf:nick "bj";
>           foaf:email <mailto:nicejoe at love.eg> ;
>           foaf:email <mailto:badjoe at bondage.eg> .
>
> An open id identifier is an identifier. You should really not be using
> the same identifier if you want to have different independent  
> personas.
>
> Henry
>
> [1] http://blogs.sun.com/bblfish/entry/foaf_openid
> _______________________________________________
> general mailing list
> general at openid.net
> http://openid.net/mailman/listinfo/general
> _______________________________________________
> general mailing list
> general at openid.net
> http://openid.net/mailman/listinfo/general
>
>