[OpenID] [foaf-protocols] OpenId4.me -- Re: Should Openid's resolve to their descriptors in v.next?

Story Henry henry.story at bblfish.net
Wed Nov 25 00:16:56 UTC 2009 

Hi Santosh,


On 21 Nov 2009, at 16:01, Santosh Rajan wrote:

> Hi Henry,
> 
> Are you a member of OIDF? If not I would like to invite you to join OIDF.

I am not directly a member of the Open ID Foundation. Sun Microsystems may be, and so I a may be as a result too, in some way.

> Also before I say anything more i need to make a few disclaimers.
> 
> 1) I cannot not speak for OIDF the foundation or for all the other members
> here. I can only speak as a community member and thats all I am.
> 2) I cannot speak the "normative" language. I prefer plain english. And my
> plain english may be slightly different, being from another part of the
> world.
> 
> I think you can contribute to our efforts to develop OpenID v.next.

Whatever it is called, we are trying to solve the problem of creating a completely distributed Social Web. My work on foaf+ssl was inspired by the work done at OpenId, just as the OpenId was initially inspired a lot by the foaf. 

> Also
> there are some challenges to over come before we can do something useful.

Perhaps these are easy to overcome.

> 1) Simplify RDFa, foaf to a level that regular developers can very easily
> understand the whole thing. This is not to suggest that I think these are
> complicated, on the other hand we have to be mindful of the fact that
> developers, like all of us, will take the "least path of resistance".

I don't think that developers have that much of a trouble understanding RDF. I have been able to explain it easily to teenagers, to people with little computing experience even, to people with a lot of experience. I can get the basics done in 10 minutes. It's just relations after all.

See my lightening talk at HAR (requires Firefox 3.5)
  http://blogs.sun.com/bblfish/entry/camping_and_hacking_at_har2009

What was missing until recently were the tools. RDF/XML is impossible to use if your only tool is XSLT, QUERY and DOM manipulation. If you have modern tools it is much easier to get going.

It is this lack of tools which forced the OpenId community towards the current solutions. Indeed a few years ago asking developers to work with RDF would have been crazy talk.

To get an idea on how far things have come since then, the Drupal implementation of foaf+ssl was done by a French engineer after I gave him an 20 minute overview of foaf+ssl and the semweb. He had finished it within 24 hours, using the Drupal libraries, which are quite limited compared to what is available in Java.

RDFa is quite a nice. A plugin for a big HTML dev tool such as Dreamweaver, making it easier for html developers to see what they are writing, could be very useful here. I don't think the syntax is the problem here anymore either.

> 2) I like the idea with RDFa/foaf, OpenID's can resolve to something meaning
> full. You have already shown two possibilities earlier (one with html
> resolution and the other without).

ok, so no challenge here then :-)

> 3) We need to consider delegation. A thorny issue but can be solved.

yes, perhaps you can describe your problem in more detail.

> 4) Digital Signature (this i think is already available with foaf+ssl).
> Might need some modification, upgrading.

I always try to go for the absolute simplest solution. When 1+1=2 there is no need to upgrade anymore. 
Signing graphs, can introduce a lot of complexity. It is something one should add with a lot of caution.

> 5) Email like identifiers as OpenID's.

In foaf+ssl the user no longer needs to remember his global identifier - we call it a WebId. It is locked into the certificate. So I am not sure this is important anymore.  Here is what a sing on looked like on the iPhone

   http://blogs.sun.com/bblfish/entry/one_click_global_sign_on

Btw. this does show an important role for OpenId: a few browsers have broken ssl implementations.

> These can only be resolved via
> webfinger/host-met, ie if they are written in a manner independent of XRD.
> Other wise we will have to write equivalent versions of webfinger/host-meta.
> Also OpenID's that do not resolve to anything meaningful in (2) above will
> try the host-meta option.

The WebFinger idea is cute. I like it. 
But if we could avoid the user having to type anything at all, that might be better.

> I have spent the better part of the last 24 hrs reading up on RDF/RDFa/foaf
> and i am quite convinced the above can be done.
> 
> And true to the spirit of being "Open" we will do everything out in the
> Open. There will be "NO" private emails sent to each other.

well private emails are ok. 
I am most interested in there being no patents, and the result being free.

That is why I like foaf+ssl. I have not invented anything. I only rely on pre-established technologies: 
	- ssl/TLS
	- web
	- semweb
	
 There is nothing new here. All the technologies are widely available without restrictions.
It just getting people to change their way of thinking. Then all falls into place.



Henry

> 
> Thanks
> Santosh
> 
> 
> 
> On Sat, Nov 21, 2009 at 5:49 PM, Story Henry <henry.story at bblfish.net>wrote:
> 
>> On 20 Nov 2009, at 03:16, Peter Williams wrote:
>> 
>>> The only thing I see as viable alternative to rdfa would be some hatom
>> microformat.
>> 
>> It does not really matter what format you use. foaf+ssl is defined at the
>> semantic level.
>> As long as you can map a format to the required semantics, the system will
>> work.
>> 
>> Furthermore this can be done automatically. Any XML vocabulary can be
>> mapped to rdf using GRDDL for example. http://www.w3.org/TR/grddl/
>> 
>> microformats as a syntax is ok, a good stepping stone to help people gain
>> understanding of the semantic web. But it has quite a few problems in the
>> extensibility realm: you always need to go through the microformat process
>> to add new features, and they have deliberately and quite rightly limited
>> their work to developing what they consider the most important ontologies.
>> 
>> Furthermore, RDFa is not that difficult to learn now, and there are tools
>> everywhere enabling it. It is gaining quite a lot of support.
>> 
>> But the main point is, that it does not matter. If someone comes up with an
>> even neater way of integrating rdf into html - an even better syntax - then
>> nothing will need to change at the spec level of foaf+ssl. The proof lies in
>> the pudding: when we developed foaf+ssl I did not know about RDFa. And it is
>> only recently that I added support for RDFa to my testing tools. But nothing
>> changed in the definition of foaf+ssl.
>> 
>> Henry
> 
> 
> 
> 
> -- 
> http://hi.im/santosh

More information about the general mailing list