WebID Definition/Requirements

(by Alexandre Bertails, no review yet)

Goal

• WebID MUST define what it means to have an identity on the Web

Use-cases

• referring to an Agent identity
• WebID-based authentication
• WebID-based authorization

Requirements

• one MUST be able to change one's WebID
• one MUST distinguish a WebID (a simple URI for a Web Resource) from a WebID Profile (the Web Information Resource). This MUST not rely on dereferencing.
• the WebID Profile MUST define a default representation format
• the system MUST take efficiency into account
• the system MUST not introduce any incompatility with LDP, especially for Write operations

When you use a SHOULD without a MUST

Then there is no minimal set of expectations that one can rely on. This makes interoperability much harder if even possible.

When you open the door to 303

• not everybody understands HTTP 303
• it raises plenty of questions in the case of HTTP POST/PUT/DELETE/etc.
• that may be a direct problem with LDP
• you must explicitly describe in the spec how many redirects are acceptable (what is the max number?)
• you introduce a redirect for all dereferenced resources (eg. FOAF ontology)
• cachability is an issue
• bookmarks are an issue
• deployment may be an issue (like with a simple Apache server)

When you don't require a specific default representation for the WebID Profile

Then a client is never sure it will understand what gets sent to it.

When you don't require a hash URI for a WebID

• you cannot make the difference between a WebID and a Web Profile without an HTTP GET
• you face the http-range-14, which requires HTTP 303 (see other issues)

When you prefer your own terms instead of well-defined concepts that you can link to a specification

Then people don't listen to you. Especially when you persist.