00:05:21 MacTed has joined #webid 00:40:32 timbl has joined #webid 05:22:56 bblfish has joined #webid 06:36:35 RRSAgent, draft minutes 06:36:35 I have made the request to generate http://www.w3.org/2012/10/30-webid-minutes.html bblfish 06:40:34 trueg_ has joined #webid 07:22:17 fwagner has joined #webid 07:42:00 fwagner has left #webid 07:44:27 melvster has joined #webid 07:44:36 morning all! :) 07:47:56 develD has joined #webid 07:55:23 trueg_ has joined #webid 07:56:16 betehess has joined #webid 07:57:10 oberger has joined #webid 08:00:48 jonathandray has joined #webid 08:02:54 kotakagi has joined #webid 08:04:04 bblfish has joined #webid 08:05:59 philipp has joined #webid 08:07:18 ttanaka2 has joined #webID 08:07:20 wei has joined #webid 08:09:18 Zakim has joined #webid 08:09:28 RRSAgent, please generate minutes 08:09:28 I have made the request to generate http://www.w3.org/2012/10/30-webid-minutes.html betehess 08:09:34 deiu has joined #webid 08:09:44 chair: bblfish 08:09:46 gregory has joined #webid 08:09:52 scribenick: betehess 08:10:11 present+ Alexandre Bertails 08:10:21 RRSAgent, please generate minutes 08:10:21 I have made the request to generate http://www.w3.org/2012/10/30-webid-minutes.html betehess 08:10:25 present+ Melvin Carvalho 08:10:27 present+ bblfish 08:10:31 present+ Andrei Sambra 08:10:37 present+ Jonathan Dray 08:10:47 present+ Philipp Frischmuth 08:10:51 jin has joined #webid 08:12:11 present+ gregory barry 08:12:35 sangrae has joined #webid 08:13:00 present+ Steeve Holbrook 08:14:19 chsiao has joined #webid 08:14:43 sandro has joined #webid 08:15:17 gaiaphj has joined #webid 08:15:59 present+ TimBL 08:18:24 Topic: WebID future in W3C 08:18:58 spec http://webid.info/spec 08:19:16 bertails sees this as strongly related to LDP 08:19:54 me +1 it is, though not completely dependent on it. 08:20:37 q+ 08:20:39 bertails: ldp also would find it very useful to have webid 08:21:26 ... explains LDP is about putting data in documents, modify data, etc ... in a RESTful way 08:21:44 ... where RDF was about data, ldp is about modifying over the web 08:22:00 ... ldp is interested in access control - it's in their charter 08:22:12 SteveH has joined #webid 08:22:48 ... these resources need protection since people need to change resources 08:22:52 q+ 08:23:09 ack next 08:23:36 http://www.w3.org/DesignIssues/ReadWriteLinkedData.html 08:23:45 melvster introduces the RWW Community group 08:23:46 timbl has joined #webid 08:24:08 RRSAgent, pointer? 08:24:08 See http://www.w3.org/2012/10/30-webid-irc#T08-24-08 08:24:11 the web vision was initially a Read and Write space. 08:25:58 melvster webid is orthogonal to ldp. All systems for global communication uses global ids. 08:26:44 ... the explain in simple terms what WebID is 08:27:06 ... the goal of pki should be to simplify the message 08:28:03 ... the RWW group has 60 people, and is incubating specs, ... 08:28:18 ... ldp should be a best practice for what the RWW should be 08:28:26 ... it will be a recommendation 08:28:53 present+ Ann Bassetti 08:29:04 timbl : concerned that the ldp and rww might diverge 08:29:40 melvster: we're very much into dog fooding and trying out new things 08:29:45 q? 08:30:10 betehess: many people speak about linked data, but not many good definitions of it. 08:30:36 ... so the important thing of ldp is that it will give a formal definition of linked data. 08:31:15 ... the dependency between webid and ldp is therefore conceptual at that level 08:32:14 ... but there is also a practical use of WebID 08:32:43 ... certificates work everywhere 08:34:59 timbl: you have plenty of authentication systems out there 08:35:16 [[ 08:35:17 JonathanJ has joined #webid 08:35:17 ... at the end, we need to ask them to produce http uris 08:35:28 .... that's the fundamental thing 08:35:40 AnnBassetti has joined #webid 08:35:41 [[ 08:35:42 A URI that refers to an Agent - Person, Robot, Group or other thing that can have Intentions. The WebID should be a URI which when dereferenced returns a representation whose description uniquely identifies the Agent as the controller of a public key. In our example the WebID refers to Bob. A WebID is usually a URL with a #tag, as the meaning of such a URL is defined in the document. 08:35:44 ]] 08:37:04 timbl: let's imagine an arbitrary auth system 08:37:27 ... how would go allow someone to press a webid button, and at the end, the LDP system works 08:37:45 ... I'd see webid as a module of LDP 08:40:52 ... just like any other auth system 08:41:07 ... we should have a common interface layer that would be interoperable with RWW 08:41:35 betehess: for me, webid (without certificates) would be this common layer 08:41:49 so the question is whether WebID is about the tie to get a WebID or if it should be the thing that abstracts all other identification systems 08:42:01 melvster: identication and authentication are two different things 08:42:14 q+ 08:43:01 melvster: cannot have authentication unless you have identification first 08:43:21 jmvanel has joined #webid 08:43:55 melvster: the idea of URIs is universal and cover both worlds 08:44:02 melvster was also saying that identity is seperate 08:44:28 melvster: browserid relies on email 08:44:29 JonathanJ has joined #webid 08:44:51 timbl: the email is used to authenticate 08:44:58 ... you could expose that in an http uri 08:45:37 bblfish: I'm against webid being the thing binding everything together 08:46:08 bblfish: WebID is about tying a URL to a public key 08:46:15 ... eg. WebID over TLS 08:46:23 ... or webid over browserid 08:46:45 bblfish: so we should speak about WebID-TLD 08:46:51 s/TLD/TLS/ 08:47:05 s/bblfish:/timbl:/ 08:47:24 ... so webid would be an endpoint 08:48:39 bblfish: any of the _global_ identity you get, you can bind them to other identities 08:49:00 q+ 08:49:10 q+ to ask if RDF or LDP is part of the definition 08:49:48 timbl: the designissues you're talking about just say that authz and authn are different 08:50:30 ... this discussion is partly about branding 08:51:20 .... you can go to people, say that you have LDP systems, and tell them that you need something URL-based to do authentication 08:51:36 ack melv 08:51:52 ack next 08:51:53 melvster: webid and webid-protocol are not the same 08:52:06 ReadWriteWeb)", "Storage", and "All" 08:52:13 ... no you get 3 parts at the and 08:52:20 melvster: identification, authentication, authorization 08:53:11 ... I thought we have two definitions, that's why I'm not comfortable with tying the definition with public keys 08:53:26 ... would be just fine for the protocol part 08:53:34 ack me 08:53:35 betehess, you wanted to ask if RDF or LDP is part of the definition 08:54:31 bethesse has a good story for ldp: it needs a URL identifier 08:55:15 s/ReadWriteWeb)", "Storage", and "All"// 08:56:08 bblfish: I agree: identity, authn and authz are not the same 08:56:13 TimBL drew diagram: circles on left representing "Auth1" "Auth2" "OpenID" "Auth3" "WebID" .. each with lines going toward area that is the web as whole 08:56:56 [looks like henry is tying all this stuff to RDF on the whiteboard] 08:57:02 rblin has joined #webid 08:57:30 ... where, the web includes "Apps", "RWW ReadWriteWeb)", "Storage", and "All" 08:59:14 q+ 08:59:49 oh .. what I said is "All" is really "ACL" 09:00:07 s/"ALL"/"ACL"/ 09:01:05 timbl: if you're building apps, you can write rules 09:01:13 ... what alex is saying is about prooving 09:01:24 q+ 09:01:28 -q 09:04:41 betehess: for the record, I didn't want LDP to be working specifically on webid or webacls, just to focus on protocol itself 09:04:48 ... still the use-case must be considered 09:05:07 Link for the auth diagram: http://www.w3.org/wiki/File:Auth-diagram-tpac.jpg 09:05:23 melvster: in the rww group, we're looking closely at LDP, but not only that 09:05:39 ... we may have to incubate some ideas ourselves 09:05:52 ack next 09:06:09 deiu: re: the diagram and linking multiple protocols 09:06:11 access control on LDP will be Friday morning http://www.w3.org/2012/ldp/wiki/F2F1 09:06:18 ... it's important (bootstrapping) 09:06:52 ... you have multiple systems, but it's easier if it's only a link for the application 09:07:29 ... sometimes, apps don't trust enough some authn systems (for some reasons) 09:07:46 ... but webid here, already sends many informations about you 09:08:00 timbl: the software architecture is a key thing 09:08:57 ... we also need people to be able to create identities easily, for the open market 09:09:01 q+ 09:09:22 deiu: so is webid just another authn protocol? or the common layer? 09:09:33 timbl: yes, that's the question 09:10:21 ... definitely about branding 09:10:35 ... take html5 for example 09:10:43 jonathandray has joined #webid 09:10:52 ... it's the Open Web Platform, including JS and other stuff 09:12:57 betehess: for many people, webid == webid-over-tls 09:13:18 bblfish: I'll rename the spec to mention TLS explicitly in the title 09:13:40 melvster: browserid is mozilla's identity in the browser 09:13:50 ... it's email based, centralized 09:14:25 ... the private key is kept by the identity provider 09:14:30 ... it's the other way around 09:15:08 ... they say it's federated 09:15:19 ... but it starts at @@.com 09:15:30 ... but you can opt-out by deploying your own service 09:15:52 trueg_: the idea is that each email provider had their own system 09:16:03 ... but nobody supports it so far 09:19:43 bblfish: we should look at what makes browserid and webid similar 09:19:59 (Earlier: timbl: This should be a flexibility point in the architecture, that many systems can be used for authentication, and each end up providing to a RWW-LDP system what it needs, an HTTP RDF URI for an agent. 09:20:01 ... this could help defining what webid is 09:20:04 q+ 09:20:13 q- bblfish 09:22:15 trueg_: the question about branding is important 09:22:38 ... like when alex were mentionning the connection to LDP 09:23:04 ... we need to stress that so that when we speak to people, we don't scare them away 09:23:29 ... we should tell them simple things that we need 09:24:17 ... "an agent/person on the Web is authentified by an HTTP URI" 09:24:29 ... this is how we would brisge the gap with LDP 09:24:45 ... this would help us defining WebACLs as well 09:25:12 ... because at the end, this is what the Web is about 09:25:31 timbl: yes, in term of systems, this is what the systems return 09:26:16 s/brisge/bridge/ 09:27:40 bblfish has joined #webid 09:42:53 chsiao has joined #webid 09:52:40 rblin has joined #webid 10:00:38 jin has joined #webid 10:11:17 ttanaka2 has joined #webid 10:13:28 JonathanJ has joined #webid 10:14:25 RRSAgent, please generate minutes 10:14:25 I have made the request to generate http://www.w3.org/2012/10/30-webid-minutes.html betehess 10:16:38 JonathanJ1 has joined #webid 10:18:17 bblfish has joined #webid 10:19:12 was proposed earlier: an agent/person on the Web is authentified by an HTTP URI 10:19:38 during the break, timbl proposed the following: an agent/person on the Web is denoted by an HTTP URI 10:19:50 definition of a WebID 10:19:52 ? 10:21:03 "an agent/person on the Web is denoted by an HTTP URI", that HTTP URI is a "WebID", WebID being the name for a URI which identifies an agent. 10:22:29 (FOAF+SSL -> WebID Protocol -> WebID Auth Protocol) != WebID 10:23:31 +1 10:23:33 but the question is what if I create a URI a WebID for webr3 ? 10:24:30 would that be webr3's webid? 10:24:48 then that is a WebID for me, a URI which identifies me, it may not be my con:preferred/canonical one, but it refers to me. It is "a webid" not "the webid" 10:25:01 kotakagi has joined #webid 10:25:13 The one I mint for myself can be deemed authoratitive, due to dns & uri ownership, and backed up by sigs and even checking the social graph 10:25:52 in webid protocol I may use "a" webid for msyelf, it's not the one true only identifier 10:26:25 webr3, FYI, we're quite thrilled by your definition, we're discussing about it 10:27:48 bblfish: how do I know if the http uri is not for a cat? 10:28:01 alex: you don't 10:28:10 or how do your know it's not a URI for a relation, or a type 10:29:46 gaiaphj has joined #webid 10:31:03 betehess BrowserId has been renamed Persona 10:33:16 'http uri is not for *********', that's what linked data covers, as timbl discussed on www-tag recently, what a URI refers to is in it's usage within a conversation, linked data (via ownership from dns system, and with http uris so you can dereference) allows a URI "owner" to describe what a thing refers to, in a way that unambiguous enough for the general conversation, and within that community 10:33:30 people asking: does it really make sense to try to talk to the browserid people? or should we stick to LDP? 10:33:36 q+ 10:34:19 melvster: you only authenticate when you need to, that's another reason to dissociate with identification 10:35:11 bblfish: so far, they use a JSON based certificate 10:35:30 ... they have pushed back on having an URL in there 10:36:00 q+ 10:36:11 q- 10:36:18 JonathanJ1 has left #webid 10:36:36 deiu: maybe we're getting side-tracked by other protocols 10:36:41 ... it's basically linked-data 10:37:15 abasset has joined #webid 10:37:23 ... if this is not about Linked Data, they could use whatever they want 10:37:26 it's side tracking to webid-protocol, not to webid - and the people in this group are concerned with both. 10:37:29 it doesn't matter who you speak to in which groups, what's important is looking at each protocol and finding a way to get a URI for the person out of it, even if by way of a 3rd party/delegated service - for (1) Identification. Auth* is of no concern to Identification. THis is for wider scope consideration in our apps though, and not specific to WebID-Protocol, which is one of many options for users. 10:37:43 ... if we don't want to waste, we should focus on LDP 10:38:22 melvster: this is about naming things, not convincing people to use LDP 10:38:38 deiu: we need to use some keyword: HTTP, URIs, etc. 10:38:43 ack next 10:38:48 q- 10:38:57 ack next 10:39:11 q+ 10:40:21 alex: I agree we must focus on the LDP people 10:40:36 bblfish: this definition may be too broad 10:41:34 q+ 10:41:38 ... if w3c says that they are working on something universal, we'll be seen at too imperial 10:41:42 ack bbl 10:43:20 that's ok if a WebID URI denotes an Agent, then an e-mail address cannot be a WebID since it refers to an e-mail address 10:43:28 timbl has joined #webid 10:44:03 but note that if a WebID URI denotes an Agent, then an e-mail address cannot be a WebID since it refers to an e-mail address, an openid cannot be a WebID because OpenId refers to a document 10:44:22 s/e-mail address/mbox/ 10:46:44 http://www.w3.org/TR/webarch/#indirect-identification 10:46:52 To say that the URI "mailto:nadia@example.com" identifies both an Internet mailbox and Nadia, the person, introduces a URI collision. However, we can use the URI to indirectly identify Nadia. Identifiers are commonly used in this way. 10:47:04 +q 10:47:04 A WebID is an HTTP LDP HTTP URI which denotes a person. There are protocols to get them from various ways, Openid-W for example from a OpenID page, BrowserID-W from an email dress using Moz's system, webfinger-W using webfinger, and WebID-TLS to to get it using across-linked cert. 10:47:32 q+ to suggest that 10:48:29 timbl: it's not about removing the security from the system 10:48:46 shh has joined #webid 10:48:52 fwagner has joined #webid 10:51:08 bblfish: when are people interested about their identity? when they authenticate? 10:51:24 q+ 10:51:27 alex: no, I could refer to your webid without authenticating you 10:51:47 q? 10:51:49 most people, BTW, don't know anything about 'identity' in a computing sense .. they just want to do things they want to do 10:52:09 trueg_: just wanted to comment on separation btw ldp and profile url 10:52:22 ... with webr3' def, we only have the URL 10:52:35 ... is there benefit for us? 10:52:39 ... how much does it help? 10:52:49 q+ 10:52:51 q+ to suggest "A WebID is an HTTP LDP HTTP URI which denotes a person. There are protocols to get them from various ways, Openid-W for example from a OpenID page, BrowserID-W from an email dress using Moz's system, webfinger-W using webfinger, and WebID-TLS to to get it using across-linked cert." 10:52:57 q+ later 10:53:31 ... there should be dereferencable urls, and a profile, whether it's foaf or not 10:53:40 ... it's been aroudn for a while 10:53:55 In fact FOAF URI is not a good term for it really as FOAF is just one application 10:54:13 melvster: webid protocol is more specific 10:54:19 ... used to be foaf-ssl 10:54:22 adapted slightly: "A WebID is a LD (or derferencable) HTTP URI which denotes an agent. There are protocols to get them from various ways, Openid-W for example from a OpenID page, BrowserID-W from an email dress using Moz's system, webfinger-W using webfinger, and WebID-TLS to to get it using across-linked cert." (minus LDP, and agent rather than perosn) 10:54:27 ... but webid is a cool name 10:54:55 q- 10:55:21 trueg_: don't dispute that, just saying that having just http uri may be too broad 10:55:52 webr3, people here are saying that you're getting too complicated :-) 10:56:17 the important part of that definition is "A WebID is a LD (or derferencable) HTTP URI which denotes an agent." 10:56:19 trueg_: we should stick with http urls 10:56:30 lol fair point - just needs a URI which points to some linked data about the agent referred to by the uri 10:56:48 q? 10:56:51 webr3, by "or derferencable" do you mean (a) i.e. dereferencable or (b) or any non-RDF dereferncebale URI 10:56:52 ack tru 10:56:57 auth protocols can be bootstrapped to get those uris (webfinger-w etc) 10:57:30 q? 10:57:32 timbl, dereferencable to "linked data" 10:57:38 ack tim 10:57:38 timbl, you wanted to suggest that and to suggest "A WebID is an HTTP LDP HTTP URI which denotes a person. There are protocols to get them from various ways, Openid-W for example 10:57:42 ... from a OpenID page, BrowserID-W from an email dress using Moz's system, webfinger-W using webfinger, and WebID-TLS to to get it using across-linked cert." 10:57:52 timbl: we're talking about systems design 10:58:03 ... it's a LD URL 10:58:06 ... or it may not support LDP 10:58:17 ... it could writable 10:58:18 ... or not 10:58:28 ... but it's critical to be able to GET it 10:58:37 ... and you need to get back an RDF model 10:58:58 ... foaf is for social networking application 10:59:05 timbl, clarification request - GET it diretly, or indirectly (via a 3rd party service) 10:59:27 ... so I like LD URI 10:59:33 ... you GET an RDF model 11:00:01 ... and we could say: TURTLE is mandatory 11:00:08 ack mel 11:00:20 http://www.w3.org/TR/webarch/#indirect-identification 11:00:48 [ "Today, 10 Downing Street announced a series of new economic measures." ] 11:01:11 [ To say that the URI "mailto:nadia@example.com" identifies both an Internet mailbox and Nadia, the person, introduces a URI collision. However, we can use the URI to indirectly identify Nadia. Identifiers are commonly used in this way. ] 11:01:11 melvster: it's an example of indirect ident 11:01:55 timbl: that's why I use a stricter definition 11:02:19 ... "denote" for me is a function 11:02:33 ... mailto designs a mailbox, not a person 11:02:40 q- 11:02:41 q- 11:03:37 alex: sooo, are we putting LD in the first definition? 11:03:50 bblfish: we already have "web" in webid, so yes 11:04:12 q+ to say perhaps there are two strands to this conversation, one is to define well known protocol that uses LD, and the other how to bootstrap other auth* systems in order to get (a) a WebID and (b) more information about the agent referred to 11:04:21 JonathanJ1 has joined #webid 11:04:26 1- as I can't actualyl "say" it :| 11:04:30 q- 11:04:33 webr3: we're focusing on LD 11:04:37 +1 11:05:00 s/+1// 11:05:03 alex: please wait for a PROPOSAL definition 11:06:10 A WebID is a LD HTTP URI which denotes an agent." 11:07:22 A 4* LD URI 11:09:44 Or broader: "A WebID is a 4* Linked Data URI which denotes an Agent" - every constraint we add cuts somebody out, but make implementaiton easier 11:11:02 http://5stardata.info/ 11:12:00 "A WebID is a HTTP URI which denotes an Agent. You can GET an RDF model as TURTLE." 11:12:16 is slightly more constrained than "A WebID is a 4* Linked Data URI which denotes an Agent" 11:12:26 http://www.w3.org/DesignIssues/LinkedData.html 11:14:43 "A WebID is a hash HTTP URI which denotes an Agent. You can GET an RDF model as TURTLE. 11:15:18 I have a problem with tying to turtle in the definition of WebID 11:15:47 +1 on "A WebID is a hash HTTP URI which denotes an Agent. You can GET an RDF model as TURTLE." it adds constraints which make it ideal, negating httpRange-14, and not forcing people to have 5000 different parsers 11:17:02 q? 11:17:27 timbl is pushing back on beting too general with how things could work ( because I had suggested GRDDLing documents ) 11:18:10 q+ to introduce webr3's remark 11:19:17 ack me 11:19:17 betehess, you wanted to introduce webr3's remark 11:19:29 betehess, please add that a tight definition doesn't preclude bootstraping/grddl etc, people can and will still do that -but the end goal must be something interoperable using simple standards 11:19:47 and ty 11:20:09 "A WebID is a hash HTTP URI which denotes an Agent. You can GET an RDF model as TURTLE." 11:20:40 timbl also mentioned that specs should be small and prrecises with clear specs so that they can be implemented and so that we tests can be built for for them: so that we can have guarantees 11:21:08 PROPOSAL: "A WebID is a hash HTTP URI which denotes an Agent. You can GET an RDF model as TURTLE." 11:21:27 +1 11:21:31 +1 11:21:33 +1 11:21:36 +1 11:21:39 +1 11:21:44 +1 11:21:44 +1 11:21:47 +1 11:21:47 +1 11:21:48 +1 11:21:48 0 11:21:54 +1 11:22:05 +1 11:22:11 +1 11:22:45 +1 11:23:45 philipp: we develop ontowiki 11:24:01 ... this relies on 303 11:24:06 ... so this definition could be an issue for us 11:24:45 timbl: you do conneg? what do you do if people accepts rdf and html? 11:26:02 philipp: we may have a special case for webid 11:26:10 ... which does not rely on redirects 11:26:20 +1 11:26:45 +1 11:27:16 +1 11:27:17 RESOLVED: "A WebID is a hash HTTP URI which denotes an Agent. You can GET an RDF model as TURTLE. 11:28:25 fwagner has joined #webid 11:29:36 for this afternoon, we have to define "webid over tls" and "webacls" 11:29:52 (just temporary names) 11:30:08 any possibility of doing "webid-no-tls" too? 11:30:28 webr3, that's what we'll try to find out 11:30:40 webr3, the concensus is that we don't want to prevent other people to define that 11:30:55 hence "over tls" for now 11:31:01 nice approach, don't do it but don't prevent it :) 11:31:28 what time is webacls oine, roughly? 11:32:18 RRSAgent, please draft minutes 11:32:18 I have made the request to generate http://www.w3.org/2012/10/30-webid-minutes.html betehess 11:32:49 q+ 11:34:01 steve: part of the CG process, you can get with a deliverable with a pretty well finalized spec 11:34:03 ... you can go to a WG with that 11:34:26 ... they may have to adjust the charter 11:34:38 ... but you need to define what you want 11:35:52 ack shh 11:38:28 ... in many way, it's a fast-track to get into a WG 11:43:24 BREAK 11:44:28 for the record: it's being proposed that this group will provide a set of specs to be brought to the LDP WG 11:44:47 In a straw poll, the group agreed unanimously 11:44:51 nobody opposed 11:44:51 nobody present opposed it 11:45:15 shh has joined #webid 11:45:20 that the group should proceed to make a Final Specification and charter or rechater WG work on it./ 11:46:07 Tim got it right. It's about getting a Final Specification. 11:53:16 is anybody from LDP group here, or nearby to get their opinion on it, espec Ivan 12:19:59 tpacbot has joined #webid 12:21:39 webr3: late to this, but a WebID is a verifiable URI that denotes an agent. Verifiability is a critical attribute. WebID Authentication Protocol is an example of a verification protocol. Then we have loose coupling of the Agent ID and the verification/authentication protocol 12:26:35 kidehen, verifiable in different ways (crypto vs social graph inference)? 12:36:25 webr3: verifiable using a variety of protocols: WebID Authentication Protocol (crypto and entity relationship semantics based reasoning) 12:37:46 webr3: remember, we also have a variant of WebID that we call YouID. It users fingerprints where WebID currently uses the Public Key and WebID association. This is quite cut and paste friendly, for instance 12:38:44 philipp has joined #webid 12:38:47