Use Cases and Requirements
This page is a work in progress. We are currently brainstorming the high-level concepts, which will be turned into concrete use cases / user stories as appropriate.
Core Use Cases
1. Single Sign On
1.1 Single Sign On using a User Agent (browser)
Requirements:
- The User Agent (browser) attempts to access a resource using HTTP over TLS.
- The Verification Agent (web server) must request the Identification Certificate of the User Agent (browser) as part of the TLS handshake, i.e. as the TLS client certificate.
- The Verification Agent (web server) must extract the public key and the WebID URI contained in the Identification Certificate.
- The Verification Agent (web server) must determine if an Identification Agent can have access to a particular resource.
1.2 Single Sign On using a rich client
Additional Use Cases
2. Social Graph Information
2.1 Discovery of Profile data on the social graph
2.2 Discovery of list of friends from a WebID
Note: this is perhaps out of scope of WebID core, but a useful side-effect
3. Access Control
3.1 Allowing Access control to resources via a User Agent (browser)
3.2 Allowing Access control to resources via a rich client
Note: this is perhaps out of scope of WebID core, but a useful side-effect