From W3C Wiki
We have a wealth of technologies to pick from for a semantic address book. In order to not drift off in research-y areas, we try to identify a subset that enables the creation of an initial version but will still allow us to easily add features later. The list below is open to discussion.
- Syntax / Formats
- microformats (hCard, XFN) to encode contact information and relations in personal web pages (use rel-me to enable resource consolidation)
- eRDF and/or RDFa to encode and redistribute contact information and relations
- Access to public contact data
- a simple GET for MF/eRDF/RDFa-enhanced homepages
- SPARQL? (instant fun to learn and work with, but would require a SPARQLy back-end)
- Access to non-public contact data (do we want/need this for v1?)
- overly complicated for automated, non-human access, but we may build on identity information acquired from openID data
- HTTP Basic Auth?
- usually requires per-user authentication information (i.e. the nodes would have to store something like an account for each possible requester), but we may use a layer on top of the 401 mechanism
- a simple approach that combines HTTP Basic Auth and RDF ("RDFAuth", a detailed spec will be available soon):
- node1 requests a private graph serialization from node2 (GET + personal identifier + token, sent using HTTP Basic Auth principles)
- node2 verifies that the agent associated with the sent identifier is allowed to access the requested private graph (e.g. via SPARQL and trusted Named Graphs)
- node2 verifies that the sent token was created by the agent associated with the sent identifier (the identifier could be an OpenID, or some other identifying RDF term. node1's token verification endpoint is mentioned/described in node1's public profile, so that node2 knows where to look. This is the RDFAuth-specific mini-protocol that has to be defined, i.e. whether to return a simple "1", or an RDF doc with token expiration information, or something else)
- node2 returns the requested document on success, or a 401 HTTP Basic Auth response otherwise
- RDF's triple and/or SPARQL's quad model for flexible integration, provenance, and extensibility
- Vocabularies/self-descriptive Semantics
- DB (SPARQL Store) vs. File-based
- In-Browser SQLite (via Google Gears)?
Front-End and UI
- Sparqlets (SPARQL-driven widgets)
- SPARQL Protocol HTTP Bindings?
- Live/Web Clipboard?