[OpenID] cryptographics web of trust
Peter Williams
pwilliams at rapattoni.com
Fri Sep 21 03:10:02 UTC 2007
> It would be fun to look at how much
> of that could be replaced by SPARQL queries. Could the relying party
> not get most of what is needed by sending queries such as this to the
> asserting party?
>
> PREFIX foaf: <http://xmlns.com/foaf/0.1/>
> PREFIX wot: <http://xmlns.com/wot/0.1/>
> SELECT *
> WHERE {
>   <http://bblfish.net/people/henry/card#me>
>       foaf:mbox ?mbox;
>       foaf:openid ?openid .
>   OPTIONAL {
>     [] a wot:PubKey;
>        wot:identity <http://bblfish.net/people/henry/card#me>;
>        wot:pubkeyAddress ?pubKey .
>   }
> }

I now have a SPARQL HTTP endpoint, performing the above. (I will extend
it tomorrow to rely on a SAML assertion for WebSSO to authorize
execution.) This looks straightforward. My cute RDF application server
allows me to bind an INSERT to an HTTP request. So, a webserver running a
script uses querystring parsing to reflect on an RDF model that results
in a set of triples that I then insert bind to an HTTP (using INSERT). I
get to SELECT on the HTTP response.

I like all this semweb stuff - it was not hard once I got to think right
to build a 4 layer network of proxies, the last one of which used an XML
datastore. It's cute. If Peter can do it, anyone can.

[Peter Williams]
> Now if the asserting party believes what is in my foaf file, he will return
> those as results. Replying to a question is to give a trust level to
> it.
>
> SPARQL allows one to name graphs and query for their properties. Here
> I am asking it to return trust level information for those statements.
>
> PREFIX foaf: <http://xmlns.com/foaf/0.1/>
> PREFIX wot: <http://xmlns.com/wot/0.1/>
> SELECT *
> WHERE {
>   ?g trust:level ?t .
>   GRAPH ?g {
>     <http://bblfish.net/people/henry/card#me>
>         foaf:mbox ?mbox;
>         foaf:openid ?openid .
>     OPTIONAL {
>       [] a wot:PubKey;
>          wot:identity <http://bblfish.net/people/henry/card#me>;
>          wot:pubkeyAddress ?pubKey .
>     }
>   }
> }
>
> This is just to show what one can do, though it is probably not quite
> the right way to do this.

So the above I don't understand.

Let's assume the SPARQL Server has a FOAF file, documenting various
features about this "foaf:Agent".

I think the above is saying the following:-

Whatever set of triples become ?g, that particular set will be
"determined" to have a trustlevel.

(a) Is the idea that the RDF model over which the query is performed is
a merge of two default graphs: (i) g1 your FOAF file and (ii) g2 from
the Agent foaf file?

(b) Would the file of (ii) look like

[ trust:levelhigh
    [ a <http://xmlns.com/wot/0.1/PubKey>;
      <http://xmlns.com/wot/0.1/identity>
          <http://bblfish.net/people/henry/card#me>;
      <http://xmlns.com/wot/0.1/pubkeyAddress>
          <http://bblfish.net/people/henry/henry.pubkey.asc> ] ,
    [ a <http://xmlns.com/wot/0.1/PubKey>;
      <http://xmlns.com/wot/0.1/identity>
          <http://www.w3.org/People/Berners-Lee/card#i>;
      <http://xmlns.com/wot/0.1/pubkeyAddress>
          <http://bblfish.net/people/henry/timbl.pubkey.asc> ].
]
[ trust:levellow
    [ a <http://xmlns.com/wot/0.1/PubKey>;
      <http://xmlns.com/wot/0.1/identity>
          <http://danbri.org/foaf.rdf#danbri>;
      <http://xmlns.com/wot/0.1/pubkeyAddress>
          <http://danbri.org/danbri-pubkey.txt> ].
]

(c) Would some inference rule then be responsible for inferring "?g
trust:level ?t"?
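
An added example, not part of the original thread or either poster's code: a small Python model of how a pattern of the form `?g trust:level ?t . GRAPH ?g { ... }` is evaluated over a dataset with a default graph and named graphs. The `trust:` namespace URI, the graph names and the mailbox and OpenID values are constructed placeholders.

```python
FOAF = "http://xmlns.com/foaf/0.1/"
WOT = "http://xmlns.com/wot/0.1/"
TRUST = "http://example.org/trust#"  # placeholder: the thread never gives the trust: namespace
RDF_TYPE = "http://www.w3.org/1999/02/22-rdf-syntax-ns#type"
ME = "http://bblfish.net/people/henry/card#me"

# Constructed dataset. The default graph holds statements *about* graph names.
DEFAULT = {
    ("urn:example:g1", TRUST + "level", "high"),
    ("urn:example:g2", TRUST + "level", "low"),
}
# Named graphs hold the claims themselves; g3 has no trust:level statement.
NAMED = {
    "urn:example:g1": {
        (ME, FOAF + "mbox", "mailto:henry@example.org"),
        (ME, FOAF + "openid", "http://openid.example.org/henry"),
        ("_:k", RDF_TYPE, WOT + "PubKey"),
        ("_:k", WOT + "identity", ME),
        ("_:k", WOT + "pubkeyAddress",
         "http://bblfish.net/people/henry/henry.pubkey.asc"),
    },
    "urn:example:g2": {
        (ME, FOAF + "mbox", "mailto:h@example.net"),
        (ME, FOAF + "openid", "http://openid.example.net/h"),
    },
    "urn:example:g3": {
        (ME, FOAF + "mbox", "mailto:x@example.com"),
        (ME, FOAF + "openid", "http://openid.example.com/x"),
    },
}

def objs(graph, s, p):
    """Objects of every (s, p, ?o) triple in one graph, sorted."""
    return sorted(o for s2, p2, o in graph if (s2, p2) == (s, p))

def query(subject):
    """Rows (?g, ?t, ?mbox, ?openid, ?pubKey) for the trust-level query."""
    rows = []
    for g, p, level in sorted(DEFAULT):      # ?g trust:level ?t (default graph)
        if p != TRUST + "level":
            continue
        graph = NAMED.get(g, set())          # GRAPH ?g sees only this named graph
        keys = [addr for k, p2, o in sorted(graph)
                if p2 == WOT + "identity" and o == subject
                and WOT + "PubKey" in objs(graph, k, RDF_TYPE)
                for addr in objs(graph, k, WOT + "pubkeyAddress")]
        for mbox in objs(graph, subject, FOAF + "mbox"):
            for openid in objs(graph, subject, FOAF + "openid"):
                for key in keys or [None]:   # OPTIONAL: row survives without a key
                    rows.append((g, level, mbox, openid, key))
    return rows
```

Calling `query(ME)` returns one row per rated graph. The unrated graph `g3` contributes nothing, and the claims are never merged across graphs.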