IRC log of webid on 2012-10-30

Timestamps are in UTC.

00:05:21 [MacTed]
MacTed has joined #webid
00:40:32 [timbl]
timbl has joined #webid
05:22:56 [bblfish]
bblfish has joined #webid
06:36:35 [bblfish]
RRSAgent, draft minutes
06:36:35 [RRSAgent]
I have made the request to generate http://www.w3.org/2012/10/30-webid-minutes.html bblfish
06:40:34 [trueg_]
trueg_ has joined #webid
07:22:17 [fwagner]
fwagner has joined #webid
07:42:00 [fwagner]
fwagner has left #webid
07:44:27 [melvster]
melvster has joined #webid
07:44:36 [melvster]
morning all! :)
07:47:56 [develD]
develD has joined #webid
07:55:23 [trueg_]
trueg_ has joined #webid
07:56:16 [betehess]
betehess has joined #webid
07:57:10 [oberger]
oberger has joined #webid
08:00:48 [jonathandray]
jonathandray has joined #webid
08:02:54 [kotakagi]
kotakagi has joined #webid
08:04:04 [bblfish]
bblfish has joined #webid
08:05:59 [philipp]
philipp has joined #webid
08:07:18 [ttanaka2]
ttanaka2 has joined #webID
08:07:20 [wei]
wei has joined #webid
08:09:18 [Zakim]
Zakim has joined #webid
08:09:28 [betehess]
RRSAgent, please generate minutes
08:09:28 [RRSAgent]
I have made the request to generate http://www.w3.org/2012/10/30-webid-minutes.html betehess
08:09:34 [deiu]
deiu has joined #webid
08:09:44 [betehess]
chair: bblfish
08:09:46 [gregory]
gregory has joined #webid
08:09:52 [betehess]
scribenick: betehess
08:10:11 [betehess]
present+ Alexandre Bertails
08:10:21 [betehess]
RRSAgent, please generate minutes
08:10:21 [RRSAgent]
I have made the request to generate http://www.w3.org/2012/10/30-webid-minutes.html betehess
08:10:25 [melvster]
present+ Melvin Carvalho
08:10:27 [bblfish]
present+ bblfish
08:10:31 [deiu]
present+ Andrei Sambra
08:10:37 [jonathandray]
present+ Jonathan Dray
08:10:47 [philipp]
present+ Philipp Frischmuth
08:10:51 [jin]
jin has joined #webid
08:12:11 [gregory]
present+ gregory barry
08:12:35 [sangrae]
sangrae has joined #webid
08:13:00 [betehess]
present+ Steeve Holbrook
08:14:19 [chsiao]
chsiao has joined #webid
08:14:43 [sandro]
sandro has joined #webid
08:15:17 [gaiaphj]
gaiaphj has joined #webid
08:15:59 [betehess]
present+ TimBL
08:18:24 [bblfish]
Topic: WebID future in W3C
08:18:58 [bblfish]
spec http://webid.info/spec
08:19:16 [bblfish]
bertails sees this as strongly related to LDP
08:19:54 [bblfish]
me +1 it is, though not completely dependent on it.
08:20:37 [melvster]
q+
08:20:39 [bblfish]
bertails: ldp also would find it very useful to have webid
08:21:26 [bblfish]
... explains LDP is about putting data in documents, modify data, etc ... in a RESTful way
08:21:44 [bblfish]
... where RDF was about data, ldp is about modifying over the web
08:22:00 [bblfish]
... ldp is interested in access control - it's in their charter
08:22:12 [SteveH]
SteveH has joined #webid
08:22:48 [bblfish]
... these resources need protection since people need to change resources
08:22:52 [bblfish]
q+
08:23:09 [betehess]
ack next
08:23:36 [melvster]
http://www.w3.org/DesignIssues/ReadWriteLinkedData.html
08:23:45 [bblfish]
melvster introduces the RWW Community group
08:23:46 [timbl]
timbl has joined #webid
08:24:08 [timbl]
RRSAgent, pointer?
08:24:08 [RRSAgent]
See http://www.w3.org/2012/10/30-webid-irc#T08-24-08
08:24:11 [bblfish]
the web vision was initially a Read and Write space.
08:25:58 [bblfish]
melvster: webid is orthogonal to ldp. All systems for global communication use global ids.
08:26:44 [bblfish]
... then explains in simple terms what WebID is
08:27:06 [bblfish]
... the goal of pki should be to simplify the message
08:28:03 [bblfish]
... the RWW group has 60 people, and is incubating specs, ...
08:28:18 [bblfish]
... ldp should be a best practice for what the RWW should be
08:28:26 [bblfish]
... it will be a recommendation
08:28:53 [betehess]
present+ Ann Bassetti
08:29:04 [bblfish]
timbl : concerned that the ldp and rww might diverge
08:29:40 [bblfish]
melvster: we're very much into dog fooding and trying out new things
08:29:45 [deiu]
q?
08:30:10 [bblfish]
betehess: many people speak about linked data, but not many good definitions of it.
08:30:36 [bblfish]
... so the important thing of ldp is that it will give a formal definition of linked data.
08:31:15 [bblfish]
... the dependency between webid and ldp is therefore conceptual at that level
08:32:14 [bblfish]
... but there is also a practical use of WebID
08:32:43 [bblfish]
... certificates work everywhere
08:34:59 [betehess]
timbl: you have plenty of authentication systems out there
08:35:16 [bblfish]
[[
08:35:17 [JonathanJ]
JonathanJ has joined #webid
08:35:17 [betehess]
... at the end, we need to ask them to produce http uris
08:35:28 [betehess]
.... that's the fundamental thing
08:35:40 [AnnBassetti]
AnnBassetti has joined #webid
08:35:41 [bblfish]
[[
08:35:42 [bblfish]
A URI that refers to an Agent - Person, Robot, Group or other thing that can have Intentions. The WebID should be a URI which when dereferenced returns a representation whose description uniquely identifies the Agent as the controller of a public key. In our example the WebID refers to Bob. A WebID is usually a URL with a #tag, as the meaning of such a URL is defined in the document.
08:35:44 [bblfish]
]]
08:37:04 [betehess]
timbl: let's imagine an arbitrary auth system
08:37:27 [betehess]
... how would you allow someone to press a webid button, and at the end, the LDP system works
08:37:45 [betehess]
... I'd see webid as a module of LDP
08:40:52 [betehess]
... just like any other auth system
08:41:07 [betehess]
... we should have a common interface layer that would be interoperable with RWW
08:41:35 [betehess]
betehess: for me, webid (without certificates) would be this common layer
08:41:49 [bblfish]
so the question is whether WebID is about the tie to get a WebID or if it should be the thing that abstracts all other identification systems
08:42:01 [betehess]
melvster: identification and authentication are two different things
08:42:14 [betehess]
q+
08:43:01 [AnnBassetti]
melvster: cannot have authentication unless you have identification first
08:43:21 [jmvanel]
jmvanel has joined #webid
08:43:55 [betehess]
melvster: the idea of URIs is universal and covers both worlds
08:44:02 [bblfish]
melvster was also saying that identity is separate
08:44:28 [betehess]
melvster: browserid relies on email
08:44:29 [JonathanJ]
JonathanJ has joined #webid
08:44:51 [betehess]
timbl: the email is used to authenticate
08:44:58 [betehess]
... you could expose that in an http uri
08:45:37 [betehess]
bblfish: I'm against webid being the thing binding everything together
08:46:08 [betehess]
bblfish: WebID is about tying a URL to a public key
08:46:15 [betehess]
... eg. WebID over TLS
08:46:23 [betehess]
... or webid over browserid
08:46:45 [betehess]
bblfish: so we should speak about WebID-TLD
08:46:51 [betehess]
s/TLD/TLS/
08:47:05 [betehess]
s/bblfish:/timbl:/
08:47:24 [betehess]
... so webid would be an endpoint
08:48:39 [betehess]
bblfish: any of the _global_ identity you get, you can bind them to other identities
08:49:00 [melvster]
q+
08:49:10 [betehess]
q+ to ask if RDF or LDP is part of the definition
08:49:48 [betehess]
timbl: the designissues you're talking about just say that authz and authn are different
08:50:30 [betehess]
... this discussion is partly about branding
08:51:20 [betehess]
.... you can go to people, say that you have LDP systems, and tell them that you need something URL-based to do authentication
08:51:36 [betehess]
ack melv
08:51:52 [bblfish]
ack next
08:51:53 [betehess]
melvster: webid and webid-protocol are not the same
08:52:06 [AnnBassetti]
ReadWriteWeb)", "Storage", and "All"
08:52:13 [betehess]
... no you get 3 parts at the end
08:52:20 [bblfish]
melvster: identification, authentication, authorization
08:53:11 [betehess]
... I thought we have two definitions, that's why I'm not comfortable with tying the definition with public keys
08:53:26 [betehess]
... would be just fine for the protocol part
08:53:34 [betehess]
ack me
08:53:35 [Zakim]
betehess, you wanted to ask if RDF or LDP is part of the definition
08:54:31 [bblfish]
betehess has a good story for ldp: it needs a URL identifier
08:55:15 [AnnBassetti]
s/ReadWriteWeb)", "Storage", and "All"//
08:56:08 [betehess]
bblfish: I agree: identity, authn and authz are not the same
08:56:13 [AnnBassetti]
TimBL drew diagram: circles on left representing "Auth1" "Auth2" "OpenID" "Auth3" "WebID" .. each with lines going toward area that is the web as whole
08:56:56 [betehess]
[looks like henry is tying all this stuff to RDF on the whiteboard]
08:57:02 [rblin]
rblin has joined #webid
08:57:30 [AnnBassetti]
... where, the web includes "Apps", "RWW ReadWriteWeb)", "Storage", and "All"
08:59:14 [betehess]
q+
08:59:49 [AnnBassetti]
oh .. what I said is "All" is really "ACL"
09:00:07 [AnnBassetti]
s/"ALL"/"ACL"/
09:01:05 [betehess]
timbl: if you're building apps, you can write rules
09:01:13 [betehess]
... what alex is saying is about proving
09:01:24 [deiu]
q+
09:01:28 [betehess]
-q
09:04:41 [betehess]
betehess: for the record, I didn't want LDP to be working specifically on webid or webacls, just to focus on protocol itself
09:04:48 [betehess]
... still the use-case must be considered
09:05:07 [deiu]
Link for the auth diagram: http://www.w3.org/wiki/File:Auth-diagram-tpac.jpg
09:05:23 [betehess]
melvster: in the rww group, we're looking closely at LDP, but not only that
09:05:39 [betehess]
... we may have to incubate some ideas ourselves
09:05:52 [betehess]
ack next
09:06:09 [betehess]
deiu: re: the diagram and linking multiple protocols
09:06:11 [bblfish]
access control on LDP will be Friday morning http://www.w3.org/2012/ldp/wiki/F2F1
09:06:18 [betehess]
... it's important (bootstrapping)
09:06:52 [betehess]
... you have multiple systems, but it's easier if it's only a link for the application
09:07:29 [betehess]
... sometimes, apps don't trust enough some authn systems (for some reasons)
09:07:46 [betehess]
... but webid here, already sends much information about you
09:08:00 [betehess]
timbl: the software architecture is a key thing
09:08:57 [betehess]
... we also need people to be able to create identities easily, for the open market
09:09:01 [bblfish]
q+
09:09:22 [betehess]
deiu: so is webid just another authn protocol? or the common layer?
09:09:33 [betehess]
timbl: yes, that's the question
09:10:21 [betehess]
... definitely about branding
09:10:35 [betehess]
... take html5 for example
09:10:43 [jonathandray]
jonathandray has joined #webid
09:10:52 [betehess]
... it's the Open Web Platform, including JS and other stuff
09:12:57 [betehess]
betehess: for many people, webid == webid-over-tls
09:13:18 [betehess]
bblfish: I'll rename the spec to mention TLS explicitly in the title
09:13:40 [betehess]
melvster: browserid is mozilla's identity in the browser
09:13:50 [betehess]
... it's email based, centralized
09:14:25 [betehess]
... the private key is kept by the identity provider
09:14:30 [betehess]
... it's the other way around
09:15:08 [betehess]
... they say it's federated
09:15:19 [betehess]
... but it starts at @@.com
09:15:30 [betehess]
... but you can opt-out by deploying your own service
09:15:52 [betehess]
trueg_: the idea is that each email provider had their own system
09:16:03 [betehess]
... but nobody supports it so far
09:19:43 [betehess]
bblfish: we should look at what makes browserid and webid similar
09:19:59 [timbl]
(Earlier: timbl: This should be a flexibility point in the architecture, that many systems can be used for authentication, and each end up providing to a RWW-LDP system what it needs, an HTTP RDF URI for an agent.)
09:20:01 [betehess]
... this could help defining what webid is
09:20:04 [trueg_]
q+
09:20:13 [betehess]
q- bblfish
09:22:15 [betehess]
trueg_: the question about branding is important
09:22:38 [betehess]
... like when alex was mentioning the connection to LDP
09:23:04 [betehess]
... we need to stress that so that when we speak to people, we don't scare them away
09:23:29 [betehess]
... we should tell them simple things that we need
09:24:17 [betehess]
... "an agent/person on the Web is authentified by an HTTP URI"
09:24:29 [betehess]
... this is how we would brisge the gap with LDP
09:24:45 [betehess]
... this would help us defining WebACLs as well
09:25:12 [betehess]
... because at the end, this is what the Web is about
09:25:31 [betehess]
timbl: yes, in terms of systems, this is what the systems return
09:26:16 [AnnBassetti]
s/brisge/bridge/
09:27:40 [bblfish]
bblfish has joined #webid
09:42:53 [chsiao]
chsiao has joined #webid
09:52:40 [rblin]
rblin has joined #webid
10:00:38 [jin]
jin has joined #webid
10:11:17 [ttanaka2]
ttanaka2 has joined #webid
10:13:28 [JonathanJ]
JonathanJ has joined #webid
10:14:25 [betehess]
RRSAgent, please generate minutes
10:14:25 [RRSAgent]
I have made the request to generate http://www.w3.org/2012/10/30-webid-minutes.html betehess
10:16:38 [JonathanJ1]
JonathanJ1 has joined #webid
10:18:17 [bblfish]
bblfish has joined #webid
10:19:12 [betehess]
was proposed earlier: an agent/person on the Web is authentified by an HTTP URI
10:19:38 [betehess]
during the break, timbl proposed the following: an agent/person on the Web is denoted by an HTTP URI
10:19:50 [bblfish]
definition of a WebID
10:19:52 [bblfish]
?
10:21:03 [webr3]
"an agent/person on the Web is denoted by an HTTP URI", that HTTP URI is a "WebID", WebID being the name for a URI which identifies an agent.
10:22:29 [webr3]
(FOAF+SSL -> WebID Protocol -> WebID Auth Protocol) != WebID
10:23:31 [melvster]
+1
10:23:33 [bblfish]
but the question is what if I create a URI a WebID for webr3 ?
10:24:30 [bblfish]
would that be webr3's webid?
10:24:48 [webr3]
then that is a WebID for me, a URI which identifies me, it may not be my con:preferred/canonical one, but it refers to me. It is "a webid" not "the webid"
10:25:01 [kotakagi]
kotakagi has joined #webid
10:25:13 [webr3]
The one I mint for myself can be deemed authoritative, due to dns & uri ownership, and backed up by sigs and even checking the social graph
10:25:52 [webr3]
in webid protocol I may use "a" webid for myself, it's not the one true only identifier
10:26:25 [betehess]
webr3, FYI, we're quite thrilled by your definition, we're discussing it
10:27:48 [betehess]
bblfish: how do I know if the http uri is not for a cat?
10:28:01 [betehess]
alex: you don't
10:28:10 [bblfish]
or how do you know it's not a URI for a relation, or a type
10:29:46 [gaiaphj]
gaiaphj has joined #webid
10:31:03 [bblfish]
betehess BrowserId has been renamed Persona
10:33:16 [webr3]
'http uri is not for *********', that's what linked data covers, as timbl discussed on www-tag recently, what a URI refers to is in its usage within a conversation, linked data (via ownership from dns system, and with http uris so you can dereference) allows a URI "owner" to describe what a thing refers to, in a way that is unambiguous enough for the general conversation, and within that community
10:33:30 [betehess]
people asking: does it really make sense to try to talk to the browserid people? or should we stick to LDP?
10:33:36 [deiu]
q+
10:34:19 [betehess]
melvster: you only authenticate when you need to, that's another reason to dissociate with identification
10:35:11 [betehess]
bblfish: so far, they use a JSON based certificate
10:35:30 [betehess]
... they have pushed back on having a URL in there
10:36:00 [betehess]
q+
10:36:11 [trueg_]
q-
10:36:18 [JonathanJ1]
JonathanJ1 has left #webid
10:36:36 [betehess]
deiu: maybe we're getting side-tracked by other protocols
10:36:41 [betehess]
... it's basically linked-data
10:37:15 [abasset]
abasset has joined #webid
10:37:23 [betehess]
... if this is not about Linked Data, they could use whatever they want
10:37:26 [webr3]
it's side tracking to webid-protocol, not to webid - and the people in this group are concerned with both.
10:37:29 [webr3]
it doesn't matter who you speak to in which groups, what's important is looking at each protocol and finding a way to get a URI for the person out of it, even if by way of a 3rd party/delegated service - for (1) Identification. Auth* is of no concern to Identification. This is for wider scope consideration in our apps though, and not specific to WebID-Protocol, which is one of many options for users.
10:37:43 [betehess]
... if we don't want to waste, we should focus on LDP
10:38:22 [betehess]
melvster: this is about naming things, not convincing people to use LDP
10:38:38 [betehess]
deiu: we need to use some keyword: HTTP, URIs, etc.
10:38:43 [betehess]
ack next
10:38:48 [deiu]
q-
10:38:57 [betehess]
ack next
10:39:11 [bblfish]
q+
10:40:21 [betehess]
alex: I agree we must focus on the LDP people
10:40:36 [betehess]
bblfish: this definition may be too broad
10:41:34 [trueg_]
q+
10:41:38 [betehess]
... if w3c says that they are working on something universal, we'll be seen as too imperial
10:41:42 [betehess]
ack bbl
10:43:20 [bblfish]
that's ok if a WebID URI denotes an Agent, then an e-mail address cannot be a WebID since it refers to an e-mail address
10:43:28 [timbl]
timbl has joined #webid
10:44:03 [bblfish]
but note that if a WebID URI denotes an Agent, then an e-mail address cannot be a WebID since it refers to an e-mail address, an openid cannot be a WebID because OpenId refers to a document
10:44:22 [bblfish]
s/e-mail address/mbox/
10:46:44 [melvster]
http://www.w3.org/TR/webarch/#indirect-identification
10:46:52 [melvster]
To say that the URI "mailto:nadia@example.com" identifies both an Internet mailbox and Nadia, the person, introduces a URI collision. However, we can use the URI to indirectly identify Nadia. Identifiers are commonly used in this way.
10:47:04 [melvster]
+q
10:47:04 [timbl]
A WebID is an HTTP LDP HTTP URI which denotes a person. There are protocols to get them from various ways, Openid-W for example from an OpenID page, BrowserID-W from an email address using Moz's system, webfinger-W using webfinger, and WebID-TLS to get it using a cross-linked cert.
10:47:32 [timbl]
q+ to suggest that
10:48:29 [betehess]
timbl: it's not about removing the security from the system
10:48:46 [shh]
shh has joined #webid
10:48:52 [fwagner]
fwagner has joined #webid
10:51:08 [betehess]
bblfish: when are people interested about their identity? when they authenticate?
10:51:24 [webr3]
q+
10:51:27 [betehess]
alex: no, I could refer to your webid without authenticating you
10:51:47 [timbl]
q?
10:51:49 [abasset]
most people, BTW, don't know anything about 'identity' in a computing sense .. they just want to do things they want to do
10:52:09 [betehess]
trueg_: just wanted to comment on separation btw ldp and profile url
10:52:22 [betehess]
... with webr3' def, we only have the URL
10:52:35 [betehess]
... is there benefit for us?
10:52:39 [betehess]
... how much does it help?
10:52:49 [betehess]
q+
10:52:51 [timbl]
q+ to suggest "A WebID is an HTTP LDP HTTP URI which denotes a person. There are protocols to get them from various ways, Openid-W for example from an OpenID page, BrowserID-W from an email address using Moz's system, webfinger-W using webfinger, and WebID-TLS to get it using a cross-linked cert."
10:52:57 [betehess]
q+ later
10:53:31 [betehess]
... there should be dereferencable urls, and a profile, whether it's foaf or not
10:53:40 [betehess]
... it's been around for a while
10:53:55 [timbl]
In fact FOAF URI is not a good term for it really as FOAF is just one application
10:54:13 [betehess]
melvster: webid protocol is more specific
10:54:19 [betehess]
... used to be foaf-ssl
10:54:22 [webr3]
adapted slightly: "A WebID is a LD (or dereferencable) HTTP URI which denotes an agent. There are protocols to get them from various ways, Openid-W for example from an OpenID page, BrowserID-W from an email address using Moz's system, webfinger-W using webfinger, and WebID-TLS to get it using a cross-linked cert." (minus LDP, and agent rather than person)
10:54:27 [betehess]
... but webid is a cool name
10:54:55 [webr3]
q-
10:55:21 [betehess]
trueg_: don't dispute that, just saying that having just http uri may be too broad
10:55:52 [betehess]
webr3, people here are saying that you're getting too complicated :-)
10:56:17 [deiu]
the important part of that definition is "A WebID is a LD (or dereferencable) HTTP URI which denotes an agent."
10:56:19 [betehess]
trueg_: we should stick with http urls
10:56:30 [webr3]
lol fair point - just needs a URI which points to some linked data about the agent referred to by the uri
10:56:48 [betehess]
q?
10:56:51 [timbl]
webr3, by "or dereferencable" do you mean (a) i.e. dereferencable or (b) or any non-RDF dereferencable URI
10:56:52 [betehess]
ack tru
10:56:57 [webr3]
auth protocols can be bootstrapped to get those uris (webfinger-w etc)
10:57:30 [bblfish]
q?
10:57:32 [webr3]
timbl, dereferencable to "linked data"
10:57:38 [betehess]
ack tim
10:57:38 [Zakim]
timbl, you wanted to suggest that and to suggest "A WebID is an HTTP LDP HTTP URI which denotes a person. There are protocols to get them from various ways, Openid-W for example
10:57:42 [Zakim]
... from a OpenID page, BrowserID-W from an email dress using Moz's system, webfinger-W using webfinger, and WebID-TLS to to get it using across-linked cert."
10:57:52 [betehess]
timbl: we're talking about systems design
10:58:03 [betehess]
... it's a LD URL
10:58:06 [betehess]
... or it may not support LDP
10:58:17 [betehess]
... it could be writable
10:58:18 [betehess]
... or not
10:58:28 [betehess]
... but it's critical to be able to GET it
10:58:37 [betehess]
... and you need to get back an RDF model
10:58:58 [betehess]
... foaf is for social networking application
10:59:05 [webr3]
timbl, clarification request - GET it directly, or indirectly (via a 3rd party service)
10:59:27 [betehess]
... so I like LD URI
10:59:33 [betehess]
... you GET an RDF model
11:00:01 [betehess]
... and we could say: TURTLE is mandatory
11:00:08 [betehess]
ack mel
11:00:20 [melvster]
http://www.w3.org/TR/webarch/#indirect-identification
11:00:48 [melvster]
[ "Today, 10 Downing Street announced a series of new economic measures." ]
11:01:11 [melvster]
[ To say that the URI "mailto:nadia@example.com" identifies both an Internet mailbox and Nadia, the person, introduces a URI collision. However, we can use the URI to indirectly identify Nadia. Identifiers are commonly used in this way. ]
11:01:11 [betehess]
melvster: it's an example of indirect ident
11:01:55 [betehess]
timbl: that's why I use a stricter definition
11:02:19 [betehess]
... "denote" for me is a function
11:02:33 [betehess]
... mailto designates a mailbox, not a person
11:02:40 [betehess]
q-
11:02:41 [betehess]
q-
11:03:37 [betehess]
alex: sooo, are we putting LD in the first definition?
11:03:50 [betehess]
bblfish: we already have "web" in webid, so yes
11:04:12 [webr3]
q+ to say perhaps there are two strands to this conversation, one is to define well known protocol that uses LD, and the other how to bootstrap other auth* systems in order to get (a) a WebID and (b) more information about the agent referred to
11:04:21 [JonathanJ1]
JonathanJ1 has joined #webid
11:04:26 [webr3]
1- as I can't actually "say" it :|
11:04:30 [webr3]
q-
11:04:33 [betehess]
webr3: we're focusing on LD
11:04:37 [bblfish]
+1
11:05:00 [bblfish]
s/+1//
11:05:03 [betehess]
alex: please wait for a PROPOSAL definition
11:06:10 [timbl]
"A WebID is a LD HTTP URI which denotes an agent."
11:07:22 [timbl]
A 4* LD URI
11:09:44 [webr3]
Or broader: "A WebID is a 4* Linked Data URI which denotes an Agent" - every constraint we add cuts somebody out, but makes implementation easier
11:11:02 [melvster]
http://5stardata.info/
11:12:00 [timbl]
"A WebID is a HTTP URI which denotes an Agent. You can GET an RDF model as TURTLE."
11:12:16 [timbl]
is slightly more constrained than "A WebID is a 4* Linked Data URI which denotes an Agent"
11:12:26 [bblfish]
http://www.w3.org/DesignIssues/LinkedData.html
11:14:43 [timbl]
"A WebID is a hash HTTP URI which denotes an Agent. You can GET an RDF model as TURTLE."
11:15:18 [bblfish]
I have a problem with tying to turtle in the definition of WebID
11:15:47 [webr3]
+1 on "A WebID is a hash HTTP URI which denotes an Agent. You can GET an RDF model as TURTLE." it adds constraints which make it ideal, negating httpRange-14, and not forcing people to have 5000 different parsers
11:17:02 [betehess]
q?
11:17:27 [bblfish]
timbl is pushing back on being too general with how things could work ( because I had suggested GRDDLing documents )
11:18:10 [betehess]
q+ to introduce webr3's remark
11:19:17 [betehess]
ack me
11:19:17 [Zakim]
betehess, you wanted to introduce webr3's remark
11:19:29 [webr3]
betehess, please add that a tight definition doesn't preclude bootstrapping/grddl etc, people can and will still do that - but the end goal must be something interoperable using simple standards
11:19:47 [webr3]
and ty
11:20:09 [timbl]
"A WebID is a hash HTTP URI which denotes an Agent. You can GET an RDF model as TURTLE."
11:20:40 [bblfish]
timbl also mentioned that specs should be small and precise with clear specs so that they can be implemented and so that tests can be built for them: so that we can have guarantees
11:21:08 [betehess]
PROPOSAL: "A WebID is a hash HTTP URI which denotes an Agent. You can GET an RDF model as TURTLE."
11:21:27 [deiu]
+1
11:21:31 [bblfish]
+1
11:21:33 [betehess]
+1
11:21:36 [jonathandray]
+1
11:21:39 [rblin]
+1
11:21:44 [gregory]
+1
11:21:44 [sangrae]
+1
11:21:47 [ttanaka2]
+1
11:21:47 [jin]
+1
11:21:48 [trueg_]
+1
11:21:48 [melvster]
0
11:21:54 [gaiaphj]
+1
11:22:05 [shh]
+1
11:22:11 [chsiao]
+1
11:22:45 [webr3]
+1
11:23:45 [betehess]
philipp: we develop ontowiki
11:24:01 [betehess]
... this relies on 303
11:24:06 [betehess]
... so this definition could be an issue for us
11:24:45 [betehess]
timbl: you do conneg? what do you do if people accept rdf and html?
11:26:02 [betehess]
philipp: we may have a special case for webid
11:26:10 [betehess]
... which does not rely on redirects
11:26:20 [philipp]
+1
11:26:45 [timbl]
+1
11:27:16 [develD]
+1
11:27:17 [betehess]
RESOLVED: "A WebID is a hash HTTP URI which denotes an Agent. You can GET an RDF model as TURTLE."
11:28:25 [fwagner]
fwagner has joined #webid
11:29:36 [betehess]
for this afternoon, we have to define "webid over tls" and "webacls"
11:29:52 [betehess]
(just temporary names)
11:30:08 [webr3]
any possibility of doing "webid-no-tls" too?
11:30:28 [deiu]
webr3, that's what we'll try to find out
11:30:40 [betehess]
webr3, the consensus is that we don't want to prevent other people from defining that
11:30:55 [betehess]
hence "over tls" for now
11:31:01 [webr3]
nice approach, don't do it but don't prevent it :)
11:31:28 [webr3]
what time is webacls oine, roughly?
11:32:18 [betehess]
RRSAgent, please draft minutes
11:32:18 [RRSAgent]
I have made the request to generate http://www.w3.org/2012/10/30-webid-minutes.html betehess
11:32:49 [shh]
q+
11:34:01 [betehess]
steve: part of the CG process, you can get with a deliverable with a pretty well finalized spec
11:34:03 [betehess]
... you can go to a WG with that
11:34:26 [betehess]
... they may have to adjust the charter
11:34:38 [betehess]
... but you need to define what you want
11:35:52 [shh]
ack shh
11:38:28 [betehess]
... in many ways, it's a fast-track to get into a WG
11:43:24 [betehess]
BREAK
11:44:28 [betehess]
for the record: it's being proposed that this group will provide a set of specs to be brought to the LDP WG
11:44:47 [timbl]
In a straw poll, the group agreed unanimously
11:44:51 [betehess]
nobody opposed
11:44:51 [bblfish]
nobody present opposed it
11:45:15 [shh]
shh has joined #webid
11:45:20 [timbl]
that the group should proceed to make a Final Specification and charter or recharter WG work on it.
11:46:07 [shh]
Tim got it right. It's about getting a Final Specification.
11:53:16 [webr3]
is anybody from LDP group here, or nearby to get their opinion on it, espec Ivan
12:19:59 [tpacbot]
tpacbot has joined #webid
12:21:39 [kidehen]
webr3: late to this, but a WebID is a verifiable URI that denotes an agent. Verifiability is a critical attribute. WebID Authentication Protocol is an example of a verification protocol. Then we have loose coupling of the Agent ID and the verification/authentication protocol
12:26:35 [webr3]
kidehen, verifiable in different ways (crypto vs social graph inference)?
12:36:25 [kidehen]
webr3: verifiable using a variety of protocols: WebID Authentication Protocol (crypto and entity relationship semantics based reasoning)
12:37:46 [kidehen]
webr3: remember, we also have a variant of WebID that we call YouID. It uses fingerprints where WebID currently uses the Public Key and WebID association. This is quite cut and paste friendly, for instance
12:38:44 [philipp]
philipp has joined #webid
12:38:47 [kidehen]
webr3: over time, there may be other protocols, so we don't want to conflate the Agent ID and verification mechanisms. This is how we broaden the tent, in due course
12:38:49 [webr3]
makes sense, wondering how important the verifiability of a webid is - is it always needed, only for some use cases, and who is doing the verification (same process for everybody?)
12:38:59 [webr3]
agree re "over time,..."
12:40:00 [kidehen]
webr3: there's a note and demo of this at: http://bit.ly/O4LNKf
12:44:13 [ttanaka2]
ttanaka2 has joined #webid
12:47:44 [trueg]
trueg has joined #webid
12:49:38 [shh]
shh has joined #webid
12:50:52 [webr3]
kidehen, any pointers to more info on youid? not quite grok'ing it
12:53:23 [kidehen]
webr3: all it does is compare certificate fingerprints i.e., your local cert claims matched to the same thing in your profile doc. All the user needs to do is associate their WebID with a fingerprint. As per the note which is a simple example of one profile doc that works with WebID or YouID/NetID. My comments emphasize this
12:55:13 [SteveH]
SteveH has joined #webid
12:55:38 [kidehen]
webr3: what's most important at this juncture is loose coupling between the Agent ID and the verification protocol
12:55:43 [jin]
jin has joined #webid
12:56:18 [gregory]
gregory has joined #webid
12:56:27 [SteveH]
SteveH has left #webid
12:56:31 [webr3]
okay I follow now, and agree re loose coupling, always important
12:56:32 [kidehen]
webr3: conflation ultimately gets us into unnecessary trouble
12:56:34 [webr3]
ty kidehen
12:57:03 [deiu]
deiu has joined #webid
12:58:23 [sangrae]
sangrae has joined #webid
13:00:40 [wei]
wei has joined #webid
13:02:25 [bblfish]
bblfish has joined #webid
13:03:35 [deiu]
based on this morning's proposal, we just realized that facebook has 1 billion WebIDs
13:03:38 [deiu]
Proof: rapper -g -o turtle https://graph.facebook.com/andreisambra
13:04:45 [deiu]
https://graph.facebook.com/100004074420423# is a valid WebID now
13:05:01 [deiu]
scribe: deiu
13:06:11 [gaiaphj]
gaiaphj has joined #webid
13:06:14 [bblfish]
Topic: Test Suite in WebID Protocol over TLS
13:06:40 [webr3]
deiu: webid is https://graph.facebook.com/100004074420423# ( https://graph.facebook.com/andreisambra is invalid by earlier definition?)
13:06:47 [bblfish]
http://www.w3.org/2005/Incubator/webid/wiki/Test_Suite
13:07:20 [deiu]
webr3, indeed
13:07:45 [shh]
shh has joined #webid
13:09:32 [deiu]
bblfish: we have to test the existing implementations which currently use TLS
13:09:35 [webr3]
I've got a little js function somewhere which normalises facebook profile uris to their graph hash uri somewhere
13:09:48 [fwagner]
fwagner has joined #webid
13:10:15 [deiu]
... which means adding tests that validate implementations according to the existing spec
13:10:45 [bblfish]
http://www.w3.org/2005/Incubator/webid/wiki/Test_Suite
13:10:59 [deiu]
... the tests should apply to applications as well as to agents/people
13:12:33 [oberger]
oberger has joined #webid
13:13:09 [deiu]
... the schema contains different test cases for the authentication protocol (over TLS)
13:14:26 [mischat]
mischat has joined #webid
13:15:01 [deiu]
... grayed boxes are cases which went too deep/far
13:17:08 [deiu]
... the W3C recommends that all specs should have a validator
13:17:26 [kidehen]
deiu: Facebook has had Personal URIs (Linked Data principles compliant). These URIs are verifiable using their proprietary protocols. This exemplifies my point about loose coupling, in a nutshell. Also read: http://bit.ly/NzfyF0 -- an old post about Facebook Linked Data.
13:17:35 [deiu]
... all implementations should pass the validator tests
13:18:17 [deiu]
kidehen, my previous comment on facebook was related to this morning's talk
13:18:51 [kidehen]
deiu: we have to separate WebID and RWW testsuites. If we don't we will stall, as we have for some years now.
13:19:25 [deiu]
kidehen, do you have access to this morning's logs?
13:19:49 [kidehen]
deiu: RWW-0 should be the interop/test suite for RWW which is loosely coupled. WebID can have its own which has been in WIP for a while now
13:20:06 [kidehen]
deiu: I am reading from the bottom up, so I'll rewind to the top soon
13:20:49 [webr3]
separate WebID, WebID Protocol, and RWW tests (webid != a verifiable webid != verifiable webid w/ webid-tls)
13:21:08 [deiu]
thanks webr3 :)
13:21:37 [kidehen]
deiu: A WebID is a hash HTTP URI which denotes an Agent agreement you mean? If so, I don't agree with that. It's pragmatic for sure, but very susceptible to the problems that conflation will ultimately unleash
13:22:05 [deiu]
kidehen, PROPOSAL: "A WebID is a hash HTTP URI which denotes an Agent. You can GET an RDF model as TURTLE."
13:22:08 [MacTed]
MacTed has joined #webid
13:22:31 [kidehen]
deiu: you can't tell someone that has a hashless de-referencable that it isn't a WebID, that's not the way to do it
13:22:50 [chsiao]
chsiao has joined #webid
13:22:51 [kidehen]
deiu: you get a profile document bearing Turtle content, but that's an option
13:22:54 [deiu]
the idea was to decouple the identity part of WebID from the authentication part
13:23:05 [kidehen]
deiu: we don't need to break Web Architecture to make this thing work
13:23:24 [kidehen]
deiu: yes, +1 for the decoupling
13:23:53 [deiu]
and we're not, we're just separating the URIs which identify people/agents, from the other URIs
13:24:07 [kidehen]
deiu: but there's a problem with mandating hash URIs that resolve to profile documents with turtle content. Even though that's mighty pragmatic and by far the easiest route.
13:24:39 [deiu]
the goal is to bring WebID (the identity part) closer to the LDP work
13:25:18 [kidehen]
deiu: a URI denotes things. That's it. A Linked Data URI denotes things in such a way that the denotation is linked (via indirection) to description (descriptor) document
13:25:38 [trueg]
kidehen: TURTLE is basically a place-holder for what is decided in LDP
13:25:50 [kidehen]
deiu: WebID is already based on Linked Data principles.
13:25:57 [bblfish]
RRSAgent, please draft minutes
13:25:57 [RRSAgent]
I have made the request to generate http://www.w3.org/2012/10/30-webid-minutes.html bblfish
13:26:10 [bblfish]
kingsley the discussion is on the logs
13:26:34 [bblfish]
the restrictions were argued by TimBl because they make things simple
13:27:05 [kidehen]
trueg: Turtle is but one format for document content. It's my personally preferred format as I am sure you know, but that doesn't mean it's the sole option. We shouldn't lose track of the fact that formats are negotiable.
13:27:34 [trueg]
kidehen: I think the idea is to make it the default which should be supported.
13:27:42 [kidehen]
bblfish: I know that hash URIs and Turtle are simple and mega pragmatic. You can make them a preference or default. But don't make them part of the definition of a WebID. That's not the way to go
13:27:52 [trueg]
kidehen: others can be supported and requested of course
13:28:20 [melvster]
kidehen: we had a proposal this morning based on recommendations from alex timbl and webr3 ... it unanimously passed from the people mentioned here
13:28:28 [deiu]
PROPOSAL: "A WebID is a hash HTTP URI which denotes an Agent. You can GET an RDF model as TURTLE."
13:28:33 [kidehen]
bblfish: trueg: make the language loose don't force stuff on people. I make all my demos in Turtle, but I also make sure folks understand it's a preference
13:28:46 [melvster]
the wording was: '"A WebID is a hash HTTP URI which denotes an Agent. You can GET an RDF model as TURTLE."'
13:28:47 [bblfish]
there is a CAN there
13:28:47 [SimpsonTP]
SimpsonTP has joined #webid
13:28:48 [deiu]
You _can_ get it in turtle
13:28:57 [deiu]
!= you _MUST_ get it in turtle
13:29:00 [trueg]
the wording can be improved for sure
13:29:08 [kidehen]
deiu: you don't GET an RDF model as Turtle. You GET a document comprised of Turtle content which is constrained by the RDF model
13:30:03 [bblfish]
we'll get back to the working on this in more detail when alex and nathan are back
13:30:04 [kidehen]
deiu: Turtle in the definition is suboptimal for something that's inherently loosely coupled based on the principles of the Web itself
13:30:06 [trueg]
kidehen: the point is that the server needs to support turtle but may support any other format
13:30:17 [melvster]
s/working/wording
13:30:40 [deiu]
coming back to the test suite
13:30:45 [kidehen]
trueg: that's fine, but that isn't what's being presented based on current wording as pasted by deiu
13:31:02 [trueg]
kidehen: we will fix that later then
13:31:06 [bblfish]
Topic: Test suites
13:31:44 [deiu]
kidehen, the proposal I've pasted comes from this morning
13:32:32 [kidehen]
trueg: okay, don't have document content formats within the definition of a WebID. The tweak re. Linked Data is that the URI resolves to a profile document where the content is an RDF model graph with very specific entity relationship semantics
13:33:46 [kidehen]
trueg: deiu: when we conflate syntax and semantics we end up in the same place we've been for years. This is always about a denotation mechanism, content structure, and entity relationship semantics. None of this is format (syntax or notation) specific.
13:34:52 [kidehen]
betehess: I am in the U.S. just getting my morning sorted out.. Also, my points aren't news. They are all over the place, so I don't see why we are heading back to old problems re. definitions.
13:35:15 [deiu]
deiu: we should have a service similar to the W3C one where new applications can be tested
13:35:24 [rblin]
rblin has joined #webid
13:35:31 [deiu]
melvster argues that we need to decide exactly what we should test against
13:35:54 [kidehen]
betehess: ah! I didn't assume this was an actual meeting, so apologies if it is. I thought this was a chat following the meeting etc.. As I said, I am behind due to time diff etc.
13:36:24 [deiu]
kidehen, we're at TPAC, meeting f2f (sorry for not answering all the time btw)
13:36:30 [trackbot]
trackbot has joined #webid
13:36:43 [kidehen]
deiu: no problem
13:36:51 [kidehen]
deiu: will pick up whenever the meeting is over
13:36:55 [deiu]
ok
13:37:18 [deiu]
bblfish: HTTP error codes should at least be returned to the users/applications
13:37:56 [kidehen]
betehess: I didn't take it that way :-) It's fine. I am also re-syncing after Sandy etc..
13:38:15 [deiu]
... a turtle request on a resource that returns a 401 Unauthorized should also try to add details on the reason why it is unauthorized
13:38:50 [deiu]
... how should the 401 describe the reason why it happened
13:39:32 [deiu]
... example: could not get the profile / the profile is in the wrong format / no public key found / certificate out of date / etc.
13:42:08 [melvster]
kidehen: yes we have discussed this before, but got to a new consensus this morning .... we are discussing test suites now
13:42:39 [kidehen]
melvster: okay, we discuss later. It needs some tweaking :-0
13:44:50 [SimpsonTP]
SimpsonTP has joined #webid
13:45:12 [deiu]
SimpsonTP, yes please come
13:47:13 [melvster]
SimpsonTP: we are on the ground floor near the reception ... i think the room is called Terreaux 0
13:47:24 [deiu]
trueg asks what happens when users fail to authenticate using WebID
13:47:41 [SimpsonTP]
okay i'll sneak out of the AC meeting at coffee break
13:47:58 [Zakim]
Zakim has left #webid
13:50:19 [Zakim]
Zakim has joined #webid
13:50:39 [deiu]
a 401 page is displayed by default in case the server sends a 401 response
13:51:00 [deiu]
... this page can be replaced by a different page with additional authentication options
13:52:54 [trackbot]
trackbot has joined #webid
13:54:20 [deiu]
bblfish argues that all implementations should return HTTP codes corresponding to the outcome of the authentication process
13:55:51 [bblfish]
so the idea is to have one special resource on other webid implementation that only authenticates users that have a valid webid certificate
13:56:22 [bblfish]
that returns a 401 if not authenticated
14:00:30 [bblfish]
we can call WebID Authentication Resource
14:00:45 [bblfish]
W3C WebID Validator Agents
14:01:56 [deiu]
these agents will use the tests described in the above diagram to test WebID-enabled applications
14:02:21 [bblfish]
so part of the test should be that you change the key and log in again
14:02:34 [JonathanJ1]
JonathanJ1 has joined #webid
14:02:50 [bblfish]
one test is: public key missing in WebID profile
14:02:56 [trueg]
change key test with delay to give servers time to update caches
14:03:01 [bblfish]
one test is: SAN not dereferenceable
14:04:05 [deiu]
also the list described at 14:39
14:05:54 [deiu]
bblfish argues about representing the state of an authenticated user, using turtle
14:05:59 [bblfish]
question: what do we return in case of success?
14:06:25 [deiu]
... "how do we express (using turtle) that a user has been authenticated?"
14:07:25 [deiu]
... EARL can be used to represent error instances
14:08:34 [trueg]
one success possibility is to simply return the entire profile
14:10:12 [bblfish]
Proposal: I propose to write a simple validator for a WebID Test resource
14:10:48 [bblfish]
of course
14:10:49 [bblfish]
:-)
14:10:57 [deiu]
+1
14:11:00 [jonathandray]
+1
14:11:04 [betehess]
+1
14:11:04 [gregory]
+1
14:11:05 [trueg]
+1
14:11:05 [philipp]
+1
14:11:09 [rblin]
+1
14:11:11 [melvster]
+1
14:11:12 [develD]
+1
14:11:17 [deiu]
this was an easy one :)
14:11:52 [bblfish]
And will list all services that pass the Verification service on webid.info as valid webid services
14:12:13 [deiu]
betehess, we're still trying to find a definition
14:12:21 [betehess]
will be back shortly
14:12:27 [betehess]
s/will be back shortly//
14:12:50 [trueg]
betehess: it is a random resource that WebID implementations expose to all verified WebIDs. It can be used by the WebID verification service to test parts of the implementation.
14:13:25 [seo]
seo has joined #webid
14:14:34 [bblfish]
WebID Test Resource is a resource • that only returns a HTTP 200 code if the person has a .... too complicated definition
14:15:50 [bblfish]
WebID Test Resource is a resource that returns a 401 with a to-be-determined error message in Turtle if the agent was not authenticated using WebID and returns a 200 with a to-be-determined success message if the agent successfully authenticated
14:16:12 [bblfish]
Proposal: WebID Test Resource is a resource that returns a 401 with a to-be-determined error message in Turtle if the agent was not authenticated using WebID and returns a 200 with a to-be-determined success message if the agent successfully authenticated
14:16:51 [bblfish]
And not other access control restrictions exist on the server.
14:17:00 [bblfish]
s/the server/that resource/
14:17:08 [bblfish]
s/not/no/
14:17:11 [trueg]
+1
14:17:18 [deiu]
+1
14:17:20 [develD]
+1
14:17:32 [bblfish]
+1
14:17:33 [jonathandray]
+1
14:17:49 [gregory]
+1
14:17:50 [rblin]
+1
14:17:58 [philipp]
+1
14:18:17 [ttanaka2]
+1
14:19:02 [bblfish]
move on to another topic
14:19:47 [deiu]
same for us
14:23:54 [JonathanJ1]
JonathanJ1 has left #webid
14:25:15 [bblfish]
Alexandre speaks about WebBox solving melvins a problem
14:25:21 [bblfish]
s/a //
14:26:00 [deiu]
RRSAgent, please draft minutes
14:26:00 [RRSAgent]
I have made the request to generate http://www.w3.org/2012/10/30-webid-minutes.html deiu
14:27:52 [bblfish]
http://users.ecs.soton.ac.uk/mvk/webbox-pim.pdf
14:27:53 [melvster]
https://github.com/danielsmith-eu/webbox/wiki
14:28:11 [rblin]
The paper : http://users.ecs.soton.ac.uk/mvk/webbox-pim.pdf
14:28:48 [bblfish]
they are from southampton university
14:29:01 [bblfish]
alexbertails coined the term webbo
14:29:04 [bblfish]
webbox
14:57:11 [ttanaka2]
ttanaka2 has joined #webid
15:02:28 [SimpsonTP]
SimpsonTP has joined #webid
15:04:56 [timbl_]
timbl_ has joined #webid
15:06:47 [jin]
jin has joined #webid
15:08:02 [rblin]
romainblin.net/lifeshare-3.0
15:13:23 [betehess]
betehess has joined #webid
15:16:57 [bblfish]
Romain Blin presented his LifeShare network that uses rdflib.js
15:18:50 [SimpsonTP]
SimpsonTP has joined #webid
15:19:04 [wei]
wei has joined #webid
15:19:29 [bblfish]
Now Bart van Leeuwen http://www.linkedin.com/in/bartvanleeuwen76
15:19:37 [bblfish]
is showing firefighting and RDF
15:19:56 [bblfish]
Bart is a firefighter in Amsterdam
15:20:03 [betehess]
http://en.wikipedia.org/wiki/Black_swan_theory
15:20:41 [bblfish]
bart does not have a lot of time to make decisions ( 4minutes to get to fire location )
15:20:49 [bblfish]
bumpy roads
15:21:07 [bblfish]
and you can't wait in front of the burning house reading your ipad
15:21:10 [bblfish]
a lot of data silos
15:21:25 [bblfish]
very small info they got in the old version
15:21:32 [bblfish]
s/small/little/
15:21:36 [shh]
shh has joined #webid
15:21:39 [bblfish]
a small tweet of information is all they have
15:21:42 [bblfish]
not enough
15:22:19 [bblfish]
so they re-wroed to the arc2 triple store and now to arqxequi?
15:22:48 [bblfish]
showing the new screen ( looks like google maps)
15:23:17 [bblfish]
they developed this in 3 months, used by 40 firefighters in holland
15:23:34 [bblfish]
now.
15:24:04 [bblfish]
Now they use a Jena Store XUL Runner, and Identity manager
15:24:46 [bblfish]
they would like to have webid so that the fire department can ask questions in that time that businesses would not want to give out to everyone
15:26:41 [bblfish]
here is a map of Amsterdam, with the Anne Frank institute. It uses info from different sources. They know it's a museum, and people live there
15:27:16 [bblfish]
so they were able to publish where they are going
15:28:28 [bblfish]
they would also like to show where it is going, but they would like the information to be published but only visible to some people. So WebID could be useful here too.
15:29:21 [bblfish]
http://semanticweb.com/webcast-fighting-fire-with-linked-data-2_b17051
15:32:49 [deiu]
http://www.slideshare.net/semanticfire/0080-netage-sanfranciscopdf
15:35:16 [bblfish]
Alex Bertails: asking for the use cases for WebID in Bart's talk to see how Access control rules fit in
15:35:48 [bblfish]
Bart: GMS this info goes into the incident manager
15:35:56 [deiu]
GMS is the central dispatch system which initiates the incident
15:36:28 [bblfish]
Incident Manager uses SPARQL as Rules
15:36:33 [deiu]
they use SPARQL rules to manage incidents
15:36:51 [deiu]
Agents can be registered with the Incident Manager
15:36:52 [bblfish]
an agent is registered with a SPARQL query
15:37:20 [deiu]
the same agent pulls info from external sources (the building on fire) and updates the incident data
15:37:35 [bblfish]
so most of the data is public they are using
15:37:50 [shh]
shh has joined #webid
15:37:53 [deiu]
incident data can be a list of chemicals that are found in the house that is on fire
15:37:53 [bblfish]
But the firefighters would like to access confidential information
15:38:07 [bblfish]
and they like WebID because it is easy to use
15:38:20 [bblfish]
and does not require complex certification procedures
15:43:21 [shh]
shh has joined #webid
15:45:43 [bblfish]
all telemetry in the firetrucks should be linked data
15:46:08 [bblfish]
they had a huge chemical fire in the netherlands, which created a huge environmental disaster
15:46:58 [bblfish]
had they had real telemetry they could have worked out how to deal with it much better.
15:47:55 [shh]
shh has joined #webid
15:51:52 [bblfish]
RRSAgent, please draft minutes
15:51:52 [RRSAgent]
I have made the request to generate http://www.w3.org/2012/10/30-webid-minutes.html bblfish
15:52:15 [bblfish]
q?
15:53:14 [bblfish]
ZigBee
15:53:21 [bblfish]
is used in smoke detectors
15:54:49 [gregory]
http://en.wikipedia.org/wiki/ZigBee
15:59:57 [shh]
shh has joined #webid
16:06:29 [betehess]
bblfish discussing the advantages of having a special DN in the certificates
16:06:54 [betehess]
doing that, the server could ask for only "valid" webid certificates
16:07:10 [betehess]
bblfish: this would prevent the user from providing non-valid certificates
16:07:14 [deiu]
q+
16:07:14 [betehess]
... helps selection
16:08:00 [betehess]
deiu: I argued on ML we should avoid the elements that could be useful for companies
16:08:28 [betehess]
... because they are part of the pop-up windows
16:08:33 [betehess]
... it's vital for some companies
16:08:49 [betehess]
... and they could want to use some of them for themselves
16:09:24 [betehess]
... so I'd advise to avoid those
16:09:33 [betehess]
... I'm pasting the link to this email listing all these elements
16:09:41 [deiu]
http://lists.w3.org/Archives/Public/public-webid/2012Oct/0259.html
16:10:09 [betehess]
bblfish: there is a service trying to assess the quality of the TLS endpoints
16:10:17 [betehess]
... they verify the protocol
16:10:40 [betehess]
... I will send an email with a link (can't remember right now)
16:11:11 [betehess]
... anyway, we don't want to use "w3c" here
16:13:28 [betehess]
[some discussion happening on cn and dn in certificates]
16:14:30 [betehess]
[now checking what works in browsers]
16:16:24 [betehess]
looks like OU, O, ST, and C are not vital
16:16:55 [betehess]
could be an issue to mess with the CNs for "issued by" and "issued for"
16:17:42 [betehess]
bblfish: I want to focus on the CN of the issuer
16:18:13 [betehess]
... as the people would only want to tweak their "issued for" CN
16:18:46 [betehess]
deiu: we may have a traceability issue
16:20:30 [betehess]
all: the UI sucks, especially on Linux, looks better on Windows
16:21:01 [bblfish]
https://localhost:8443/srv/certgen
16:21:45 [betehess]
s| https://localhost:8443/srv/certgen||
16:22:13 [bblfish]
172.19.2.24
16:22:22 [betehess]
s|172.19.2.24||
16:22:26 [webr3]
re earlier proposal "WebID Test Resource is a resource that returns a 401.." Please refine this to be an HTTP GET request with the appropriate Accept headers, and without any conditional headers (If-*).
16:23:24 [bblfish]
https://172.19.2.24:8443/srv/certgen
16:24:11 [betehess]
s|https://172.19.2.24:8443/srv/certgen||
16:26:05 [webr3]
general note: I'm very wary about needing to do anything that involves anything in certificates other than specifying a SAN, the things your discussing may be neat, but they'd make me want to cry if mentioned anywhere in the web spec itself
16:26:59 [SimpsonTP]
webr3, I think I'm with you on that one
16:28:45 [webr3]
s|your|you're|
16:32:31 [betehess]
betehess: maybe the requirement on the CN could be a SHOULD and not a MUST
16:32:39 [betehess]
bblfish: this could work
16:33:32 [betehess]
deiu: what about DC (Domain Component)
16:33:40 [betehess]
... as we don't use the chain of trust
16:34:21 [betehess]
SimpsonTP: in active directory, they already use that
16:35:01 [betehess]
bblfish: you can't use wildcards, you need to use a specific string
16:35:34 [mischat]
mischat has joined #webid
16:36:26 [betehess]
betehess: can we use any attribute, like LDAP?
16:36:32 [betehess]
deiu: that was my question
16:39:01 [betehess]
SimpsonTP: if this is possible, I'd be ok with that, but I would strongly be opposed to using commonly used fileds
16:39:07 [betehess]
s/fileds/fields/
16:39:30 [betehess]
... it all comes up to support in browsers
16:39:53 [betehess]
https://access.redhat.com/knowledge/docs/en-US/Red_Hat_Certificate_System/8.1/html/Deploy_and_Install_Guide/usering-cert-extensions.html
16:39:54 [webr3]
reading http://en.wikipedia.org/wiki/X.509#Architectural_weaknesses especially "Implementation Issues" section ( DNs lack canonicalization and i18n etc)
16:40:56 [webr3]
request: can somebody point me to why we'd want a special DN in the certs, I've missed a thread somewhere
16:41:28 [betehess]
webr3: because we want the user to be asked for valid webid certificates
16:41:30 [SimpsonTP]
webr3, to limit the options of certs shown to the user in the browser
16:41:51 [betehess]
one way to do it is to restrict on some fields
16:42:00 [webr3]
ahh is this the CN=WebID,O=empty-set-char thread?
16:42:07 [betehess]
hence the discussion on what fields, and what values
16:42:10 [betehess]
webr3, yes
16:42:41 [shh]
shh has left #webid
16:43:35 [webr3]
I'd want that outside of certs to be honest, if FB issue me a cert with the hope I'll use it everywhere, I want to tell my browser to only use it on FB (And maybe one or two other sites) - that can't be in the cert, as it's subject to change over time, and for each person's preference
16:49:32 [betehess]
we're trying to re-assess the issue
16:49:44 [betehess]
do people have that many certificates to choose from?
16:50:28 [betehess]
Ben Laurie said "I don't want to use webid because of the case there would be too many certificates"
16:50:30 [webr3]
could well do
16:50:37 [betehess]
trueg: it's a non issue
16:50:49 [webr3]
mini proposal: consider using issuerAltName
16:50:51 [betehess]
... it's a theoretical issue
16:50:54 [webr3]
*optionally*
16:51:27 [betehess]
looks like people are pushing for just resolving this as being a non-issue
16:51:38 [betehess]
(all but bblfish so far)
16:53:29 [webr3]
+1 to non issue for what it's worth, interesting non critical work, but non issue. If the issuer wants to limit usage of the certificate, then issuerAltName could be used and point to LD which has more details on the issuer, and the suggested cert usage
16:55:26 [betehess]
betehess: I'm proposing bblfish to try the extension fields in all browsers to make his case, at least on the technical level
16:55:36 [deiu]
+1 for that
16:55:54 [betehess]
... in the meantime, the group is still asking henry to declare this is a non-issue
16:56:07 [betehess]
... and go back to ben laurie with the decision of this group
16:56:59 [betehess]
trueg: also, this is even a bigger problem because of UI issues
16:57:36 [betehess]
PROPOSAL: approve for the above
16:57:39 [betehess]
+1
16:57:46 [deiu]
+1
16:57:49 [melvster]
+1
16:57:51 [gregory]
+1
16:57:55 [trueg]
+1
16:58:04 [betehess]
more explicitly: we make this a non-issue
16:58:04 [ttanaka2]
+1
16:58:07 [jonathandray]
+1
16:58:08 [SimpsonTP]
+1
16:58:17 [sangrae]
+1
16:58:24 [jin]
+1
16:59:47 [webr3]
+1 to non-issue
17:02:32 [webr3]
http://markmail.org/message/b2nfaspp3uqb5usz#query:+page:1+mid:urbvh4bnmqdftayn+state:results/O=FOAF+SSL/CN=TDB
17:02:32 [webr3]
This will never happen because no CA will ever let itself be under the
17:02:32 [webr3]
hierarchy of a pseudo-CA like we're discussing. It would also make the
17:02:32 [webr3]
normal PKI verification completely void.
17:02:45 [webr3]
** http://markmail.org/message/b2nfaspp3uqb5usz#query:+page:1+mid:urbvh4bnmqdftayn+state:results
17:02:59 [webr3]
re: /O=FOAF+SSL/CN=TDB - from Bruno back in 2010 when discussed
17:04:04 [webr3]
seeAlso: http://markmail.org/message/qeslafjpozshnpni
17:32:57 [timbl]
timbl has joined #webid
18:46:11 [fwagner]
fwagner has joined #webid
19:12:57 [kidehen_]
kidehen_ has joined #webid
20:30:00 [fwagner]
fwagner has left #webid
20:30:03 [trackbot]
trackbot has joined #webid
20:30:58 [Zakim]
Zakim has left #webid
20:46:02 [develD]
develD has joined #webid
20:50:08 [trueg]
trueg has joined #webid
20:50:28 [trackbot]
trackbot has joined #webid
21:17:25 [SimpsonTP]
SimpsonTP has joined #webid
21:22:01 [deiu]
deiu has joined #webid
21:30:06 [betehess]
betehess has joined #webid
21:51:54 [gregory]
gregory has joined #webid
21:57:24 [bblfish]
bblfish has joined #webid
22:02:10 [bblfish]
RRSAgent, please draft minutes
22:02:10 [RRSAgent]
I have made the request to generate http://www.w3.org/2012/10/30-webid-minutes.html bblfish
22:20:41 [deiu]
Meeting: TPAC 2012 - WebID meeting
22:20:47 [deiu]
RRSAgent, please draft minutes
22:20:47 [RRSAgent]
I have made the request to generate http://www.w3.org/2012/10/30-webid-minutes.html deiu