Social Web Incubator Group Teleconference -- 01 Sep 2010

<trackbot> Date: 01 September 2010

<mischat_> mmm

zakime, mute me

<hhalpin> scribe: mischa

<danbri> is zakim hosed, or worth trying to dial?

<renato> ODRL Website http://odrl.net/

danbri: call but ask for admin assitance

<hhalpin> Renathttp://odrl.net/2.0/WD-ODRL-XML.html

hhalpin, is asking about ODRL

<tlr> danbri, zakim seems to have resurrected itself

<hhalpin> http://odrl.net/2.0/WD-ODRL-Vocab.html

renato: ODRL was developed around 10 years ago

<hhalpin> everything is still kinda XML :)

renato: in the XML world of DRM

<hhalpin> http://odrl.net/2.0/DS-ODRL-Model.html

renato: ODRL is for expressing right, trying to abstract away from DRM, it is was intended to be a more general policy language

<hhalpin> Which handsets?

<hhalpin> I see Nokia and Vodafone...

<hhalpin> on the web-pgae

renato: saying that the biggest deployment is actually a DRM based handset

ODRL can also handle creative commons

<hhalpin> also, do we have a URI for creative commons?

there are a bunch of working groups

ODRL is going to be a policy language

in version 2.0

<renato> Editors draft http://odrl.net/2.0/DS-ODRL-Model-20100831.html

the new model ^^ (updated yesterday), it now based around policies

and not around rights

<renato> SN use cases http://odrl.net/wiki/tiki-index.php?page=Social+Networks+Profile

ODRL have been looking at requirement for describing policies for social networking

^^ trying to express social networking constructs such as "all of my groups" or "all my connections"

<hhalpin> DAP?

<renato> W3C Privacy Rulesets Editor's Draft 21 April 2010

and how such things would be expressed in a machine-readable manner

<renato> http://dev.w3.org/2009/dap/privacy-rulesets/

yes that is a part of DAP

<hhalpin> http://dev.w3.org/2009/dap/privacy-rulesets/

<renato> Express in ODRL: http://odrl.net/wiki/tiki-index.php?page=W3C+Privacy+Rulesets

the privacy-rulesets work has got some use cases around social networking use cases

ODRL group have mapped the use cases drawn out by the DAP

ODRL are trying to prove that the social networking use cases can be expressed in ODRL 2.0

there is an XML encoding

<hhalpin> maybe a RIF encoding?

people from Koblenz are looking at an RDF and OWL encoding

ODRL think that these are all very important

the "plus collation"?

ODRL are looking at ACAP (access control) people

renato: can you clarify those two groups in IRC ?

<renato> PLUS Coalition http://www.useplus.com/

<renato> ACAP http://www.the-acap.org/

<hhalpin> http://www.useplus.com/aboutplus/coalition.asp

PLUC Coalition and ACAP (automated content) access protocol -> http://www.the-acap.org/

hhalpin: asked if you can express payment / monitary obligations

so yes, you can express payments in the ODRL

ODRL is a community/grass roots organisations

the work is undertaken in good will, and lots of momentum this last year

ODRL are thinking that the W3C could be a good place to host the ODRL as a standard for policy language

ODRL would like to see an easy way to express policy for web content

w3c had a DRM workshop in 2001, and ODRL was there, and renato feels that now is time that policy/privacy standards need to expressed

ODRL has done the work of designing policy/privacy standards, and they feel that they can get the ball rolling quickly

renato: ODRL is talking to OneSocialWeb

<hhalpin> an XMPP binding is in planned for one social web

3 concepts : Access Control, Usage Control, Privacy Control

Access Control => authenticate, and then see content

Permission Control => reuse of such data

<hhalpin> so policy has a focus on re-use and obligations (i.e. credit, payment)

Privacy Control => Putting obligations ontop

<danbri> (are openid folk joining in 2mins?)

hhalpin: asked what is the next concrete step for ODRL ?

renato: from ODRL's POV they would like a working group
... thinks that there is enough expertise

it needs to scoped, not to general

<danbri> re WGs, what's W3C's annual 'active WG' budget?

RIF

and AIR ?

privacy-rulesets

not privacy-icons

<danbri> 2 ppl joined

loads of people !

<renato> Privacy icons paper http://virtualgoods.org/2010/program.html

<MacTed> dratted calendar didn't adjust my start time :-(

<tlr> I recommend reviewing the workshop report

<tlr> http://www.w3.org/2010/api-privacy-ws/report.html

renato: thinks that we should be pushing WG

<renato> bye

<danbri> tlr, does w3c have a figure for how many WGs can run at same time, roughly?

OpenID Connect and Facebook Connect

<danbri> is this OpenID Connect -and- OpenID vNext?

<tlr> yes

<danbri> not fb connect, then (as scribed above)

Dick: talking about OpenID vNext

since the OpenID Connect came about, it has then dried up some energy around vNExt

<danbri> openid mailing lists: http://openid.net/developers/dev-mailing-lists

vNext was meant to fix some issues around openid, security

<danbri> http://lists.openid.net/mailman/listinfo

one of the goals was to allow too into key's/browser based support for openid

1 discovery, 2 protocol 3 usability 4 attributes

the working has been broken up into ^^

various people have been interested in various different aspects

vNext looked like a lot of work

so openid connect came around

they noticed that identity alone

was going to cause mass adoption

was NOT

so, it seemed that you needed more than just identity, this can be seen in the adoption of facebook connect

OAuth was never designed to be used by humans

no concept of identity, discovery

<hhalpin> OpenID connect includes profile+APIs+identity out of standardized patterns

OpenID Connect, is trying to combine identity, APIs, and profile

information

like we are seeing on the web today

hhalpin: there is this talk of the national id system? which must be heavy security? What is the OpenID's take on this

US gov has a different focus from the european counterparts

the US gov are not talking about issuing identity

there is lots of work by John Bradley (?)

looking at how to make openid profiles more security

openid 2.0 is fairly low on security

there is also work by (?)

using artifact binding

one of the goals of the OpenID vNext was to move up the security stack

level 2 or something ...

hhalpin: asks about further browser integration, what is the critical path for browser integration ?

Dick: browser integration was a goal of vNext

whereas in OpenID connect, there are API calls, so it is near on impossible to having client based identity support

there is still a role for the browser

i.e. what identity are you using at the moment, which sites are you logged in to?

so there are some real problems that need solving in OpenID Connect world

in the browser, but unlike vNext, there is no intention to hold the identity in the browser

<hhalpin> http://www.links.org/?p=187

<Zakim> manu_, you wanted to ask about crypto-backed identity

manu_: is confused about what work is being integrated in OpenID Connect? Is there going to be support for digital signatures, or more cryptostuff

s/crypotostuff/ssl for interactions/

there is going to be ssl support

no one has brought use cases for digital signatures

the OpenID connect work in collaboration with browser vendors will help make progress towards having broswers which are more aware of identity

manu_: asks if use-cases were presented to the OpenID connect group re: digital signatures

WebID seems to be a bit far off from openid's current intentions

if you want openid connect to do stuff, show up

<Zakim> danbri, you wanted to ask what you say when people ask if they're 2 technologies in competition

danbri: can you help us talk about OpenID, is it a technology, is a community, it is expertise ?

<hhalpin> maybe to be blunt, do we see OpenID Connect subsuming OpenID?

openid is all of the above?

do you see OpenID becoming an umbrella for similar technologies in this space

answer: well if you should up, then the openid may be interested in what you have to say ?

bblfish: asks how WebID and OpenID are different ?

the client side certificates UI needs improving?

bblfish: WebID is doing something similar to OpenID, both are looking at giving universal identity
... asks why they aren't merging, and why isn't there enough information sharing

between to the two communities

<melvster> The initial Yadis was based on FOAF

mmm, openid chap thinks that WebID is just an Identity provider, whereas the interesting part of OpenID is the extensions

<melvster> mischat: sorry, who's speaking?

<melvster> thanks

hhalpin: so OpenID vNext is being subsumed by OpenID Connect, are there plans to merge these?
... are there parts of OpenID Connect that are up in the air ?

<hhalpin> signing requests and responses is still up in the air

signing requests and responces are up in the air

hhalpin: is openid connect going to suffice the needs of ecommerce and the gov initiatives

answer: no these aren't out main focus

<manu_> We plan to join OpenID Connect group to drive the ecommerce use cases

<manu_> it would be a shame to ignore those use cases when designing OpenID Connect.

<danbri> (was that dick speaking, the 'should'?)

david says that identity work in the browser is somethign which the W3C "should"

<manu_> Perhaps we can liason between WebID community and OpenID Connect community to ensure good cross-pollination of ideas.

all of this work in the identity in the browser stuff mozilla

<bblfish> question on relation to xauth/oauth?

<Zakim> manu_, you wanted to state that we'll join OpenID Connect

manu: stated that they will join the openid connect group

15th

<bblfish> ?

yup

<manu_> September! :)

doh

<hhalpin> Telecon: 15th of Sept with Aza "identity in the browser"

and their privacy icons stuff too

<melvster> 8am

<hhalpin> 3:00 PM

http://permatime.com/UTC/2010-09-01/15:00

<bblfish> was the question on oauth/xauth

<manu_> Thanks to both Dick Hardt and David Recordon for speaking with us...

<danbri> (re helping organize - yes, but only after mid-oct)

<manu_> thanks for the invite to listen in to SWXG and Harry :) - appreciate it, will follow up via e-mail, etc.

<hhalpin> http://www.w3.org/2010/08/25-swxg-minutes.html

<hhalpin> Approve minutes?

<tlr> +1

<manu_> +1 (not that it counts :))

<tlr> (not that I was there...)

<hhalpin> http://www.w3.org/2010/08/25-swxg-minutes.html are approved.

bye

<hhalpin> IIW East re DC

paul: meeting in washington next week to talk about Infocard people

<hhalpin> infocard foundation will be there.

paul: the browser should be in full control of the release of attributes
... to talk about the infocard/identity work?

hhalpin: that may help us decide what to ask the browser vendors

<danbri> (are Mozilla 'vendors'?)

<bblfish> the WebID community should put together something we would like from the Browser vendors too

<hhalpin> agenda for next will be Paul of infocards/higgins

<hhalpin> ACTION: hhalpin to ask sandro to attend IIW East [recorded in http://www.w3.org/2010/09/01-swxg-minutes.html#action01]

<trackbot> Created ACTION-171 - Ask sandro to attend IIW East [on Harry Halpin - due 2010-09-08].

http://www.w3.org/2005/Incubator/socialweb/wiki/FinalReport#Privacy_and_Privacy_Standards

<bblfish> mischat: we should get together on IRC

<bblfish> on skype I mean

either or henry

<melvster> only 1 i know of :)

<bblfish> (I have been very busy last week on confs to W3C and Galway conf)

<hhalpin> ACTION: DKA to shorten too long use-cases and see if he can reference in SWAT test cases. [recorded in http://www.w3.org/2010/09/01-swxg-minutes.html#action02]

<trackbot> Created ACTION-172 - Shorten too long use-cases and see if he can reference in SWAT test cases. [on Daniel Appelquist - due 2010-09-08].

yeah i have notice henry :) we can pick a time tomorrow perhaps ? to decide what to do bblfish ?

<bblfish> tomorrow is good

<hhalpin> ACTION: mischa to diaspora to talk about being included in final report (interoperable code-basess agreed to SWAT tests?). [recorded in http://www.w3.org/2010/09/01-swxg-minutes.html#action03]

<trackbot> Created ACTION-173 - Diaspora to talk about being included in final report (interoperable code-basess agreed to SWAT tests?). [on Mischa Tuffield - due 2010-09-08].

<hhalpin> ACTION: [CONTINUES] bblfish and mischa to write a new introductory paragraph with definition of social web and case for open-source/business use of standards. [recorded in http://www.w3.org/2010/09/01-swxg-minutes.html#action04]

<trackbot> Sorry, couldn't find user - [CONTINUES]

<hhalpin> ACTION [CONTINUES]: Add to intro a "user story" of why current approaches don't work.

<trackbot> Sorry, couldn't find user - [CONTINUES]

bblfish: tomorrow grab me on skype, and we can discuss

<hhalpin> ACTION: [DONE] hhalpin to set up HTML5/Interaction domain telecon before Sept. [recorded in http://www.w3.org/2010/09/01-swxg-minutes.html#action05]

<trackbot> Sorry, couldn't find user - [DONE]

<hhalpin> ACTION: [CLOSE] bblfish (and paul maybe?) flesh out and draft identity section. [recorded in http://www.w3.org/2010/09/01-swxg-minutes.html#action06]

<trackbot> Sorry, couldn't find user - [CLOSE]

<hhalpin> ACTION [DONE]: bblfish (and paul maybe?) flesh out and draft identity section.

<trackbot> Sorry, couldn't find user - [DONE]

bblfish: http://www.w3.org/2005/Incubator/socialweb/wiki/FinalReport#Profile_Standards

<tlr> q

<hhalpin> ACTION: alexpassant to flesh out of profile section [recorded in http://www.w3.org/2010/09/01-swxg-minutes.html#action07]

<trackbot> Created ACTION-174 - Flesh out of profile section [on Alexandre Passant - due 2010-09-08].

<danbri> there's a subset of poco that's v close to vcard

<danbri> but the schema also has all opensocial attribs

<hhalpin> Could we get a convergence story that includes FOAF?

<danbri> http://www.w3.org/TR/2010/WD-contacts-api-20100121/

<danbri> i'll ping

<danbri> happy to track consensus in the foaf schema

<hhalpin> ACTION [CONTINUES]: hhalpin and melvster to review activity standards

<trackbot> Sorry, couldn't find user - [CONTINUES]

I am happy to take this section

"Decentralised Social Networking Projects "

<hhalpin> ACTION: [DONE] venezia to do mobile paragraph [recorded in http://www.w3.org/2010/09/01-swxg-minutes.html#action08]

<trackbot> Sorry, couldn't find user - [DONE]

<hhalpin> ACTION [DONE]: venezia to do mobile paragraph

<trackbot> Sorry, couldn't find user - [DONE]

am also "Content Standards"

<hhalpin> ACTION: mischa to give a good draft of content section [recorded in http://www.w3.org/2010/09/01-swxg-minutes.html#action09]

<trackbot> Created ACTION-175 - Give a good draft of content section [on Mischa Tuffield - due 2010-09-08].

<hhalpin> ACTION: hhalpin to work on strategy document [recorded in http://www.w3.org/2010/09/01-swxg-minutes.html#action10]

<trackbot> Created ACTION-176 - Work on strategy document [on Harry Halpin - due 2010-09-08].

<hhalpin> Meeting Adjourned

<bblfish> bye

<hhalpin> WebGL

<hhalpin> trackbot, meeting adjourned

<trackbot> Sorry, hhalpin, I don't understand 'trackbot, meeting adjourned'. Please refer to http://www.w3.org/2005/06/tracker/irc for help

<hhalpin> trackbot, end meeting

<hhalpin> trackbot, start meeting

<trackbot> Meeting: Social Web Incubator Group Teleconference

<trackbot> Date: 01 September 2010

- DRAFT -

Social Web Incubator Group Teleconference

01 Sep 2010

Attendees

Contents

Summary of Action Items

Scribe.perl diagnostic output