Use Cases and Requirements

From WebID Wiki

This page is a work in progress. Currently brainstorming the high level concepts, which will be turned in concrete use cases / user stories as appropriate.


Core Use Cases

1. Single Sign On

1.1 Single Sign On using a User Agent (browser)

Requirements:

  • The User Agent (browser) attempts to access a resource using HTTP over TLS.
  • The Verification Agent (web server) must request the Identification Certificate of the User Agent (browser) as a part of the TLS certificate.
  • The Verification Agent (web server) must extract the public key and the WebID URI contained in the Identification Certificate.
  • The Verification Agent (web server) must determine if an Identification Agent can have access to a particular resource.

1.2 Single Sign On using a rich client

Additional Use Cases

2. Social Graph Information

2.1 Discovery of Profile data on the social graph

2.2 Discovery of list of friends from a WebID

Note: this is perhaps out of scope of WebID core, but a useful side-effect


3. Access Control

3.1 Allowing Access control to resources via a User Agent (browser)

3.2 Allowing Access control to resources via a rich client

Note: this is perhaps out of scope of WebID core, but a useful side-effect