[OpenID] [foaf-dev] Can OpenID identify a person
Peter Williams
pwilliams at rapattoni.com
Sun Jun 10 18:14:24 UTC 2007
Ok. I'm convinced enough to go and look at modern RDF, and see how its
metadata modeling constructs can apply to user centric id. The whole
issue set of (knowledge-based metadata, local resolution, cached
metadata-driven resolution policies for local-names) seems to be coming
back into vogue (restarting research work from 15 years ago, lost during
the Directory wars).

The thing that eventually convinced me that SAML2 was on the right track
(after 5+ years of watching SAML flounder) was the ability of the SAML2
protocol machine to now locally manage - and manage in a distributed
fashion - the metadata triples accomplishing "name federation learning
and use", without involving the original name registration authorities.
All that infrastructure, its self-signed cert models for XML-DS/ENC and
SSL, plus a lightweight webSSO protocol for http, plus intelligent
metadata for mix/matching TTP and DIY management models during OpenID
interworking: this could well amount to a global infrastructure winner.

I don't see why the metadata infrastructure we have in realty cannot and
should not accommodate any metadata modeling world. After all, today,
it's used quite minimally: to model simple relational tables. I think
I've figured out how realty's RETS server can both be an OpenID Provider
access-point resolver, and an OP issuing webSSO claims, and still comply
with actual http/URI practice today. I don't see why any willing RETS
authority (the so-called Multiple Listing Services) cannot also merge
their RETS authority with the functions of an XRI I-Broker too, if that
TTP model is deemed beneficial to those MLS where authority-models work
well for their user communities.

Just need to find a .NET programmer to build me a first working model,
now! This looks like a 4 week task.
> > Nothing however requires the Consumer to use a global resolution
> > service (based on public domain names and public XRI resolvers,
> > probably), nor for the OpenID to be globally resolvable. One could be
> > in a private OpenID management domain, where local knowledge is
> > required by the OpenID Consumer ...to complete
> > username->svcprovideraddr resolution.
>
> An RDF notation for this information might be one useful way
> for exchanging that local knowledge (eg. via SPARQL queries
> http://www.w3.org/TR/rdf-sparql-query/
> http://www.w3.org/TR/rdf-sparql-protocol/
> http://www.w3.org/TR/rdf-sparql-json-res/ ).
>