| Hello All,
I have been lurking here on this mailing list for a while now, and should really find some time to put together some thoughts I have having on ideas around a decentralised social network, and yes it would be FOAF and RDF based, but anyways.
I have built a number of FOAF related web stuff over the last couple of years, most of which you can find details of here:
or
But anyways, I have a comment regarding OAuth and foaf+ssl which is mentioned below (see comment inline) : On 28 Apr 2010, at 21:09, Lucas Stadler wrote: Hi
I take this opportunity to get some insight on something I was working upon,
which i think is somewhat similar to ideas discussed here.
Cross posting one mail I posted earlier.
Hello everyone,
I would like to get some suggestions on open profile idea.
We were thinking of implementing a open profile using open specs such as
foaf and oauth. The aim is to let user makes his social profile just once,
and get it be accessed everywhere. And the way is distributed,
de-centralized. This is how it goes
1. OAuth will handle authorization headaches.
2. User creates an account on one social networking website, which
implements open profile .
3. The website generates a unique profile url for each user.
4. user goes to some other website, which also implements open profile
and OAuth, the website
provides user with feature to make account using his existing profile
on other social network.
5. User puts in his profile url from other website,
6. Using OAuth for user authorization, which one completes, the remote
website, sends a user
profile xml file based on the open specs to the requesting website.
7. The network, gets the profile data, updates it into database, updates
the open profile xml by adding its name into the list , which
contains name and other information of all the websites which are
seeing this data.
8. Then it sends an update request to all other services, with the
updated xml, using the rest url of each service,
specified in the xml file.
9. All the websites which receives the updated xml, updates their data.
10.Whenever user updates his profile in any one of the website, the
website, after updating data, sends
a update request to all other websites seeing it, they in turn
updates their databases accordingly.
11. The data is hence updated every where and once and no one is
controlling the data.
Its just an initial draft and certainly requires polishing.
Cheers
I think you are a bit to fast for us, as there is no GNU Social protocol at the time. But I was thinking about the problems we currently have and support for having data not just within our network, but everywhere a user wants it to have is something we certainly have to provide if we want to be truly open. From this point of view, your draft is a possibility to achieve this. I
do not think, however, that it is the sole possibility, as FOAF+SSL does try to do something similar (at least to OAuth).
I don't think that foaf+ssl and OAuth are that similar. I will try to explain, OAuth is (I could be wrong here) as a way of allowing two services to setup trust between each other so that they can exchange data "offline" i.e. no longer requiring the user to be around. The (complicated) OAuth dance has an authentication setup which is not defined by the OAuth protocol, which allows for one of the services to authenticate one of its users so as to give the second service access to that given user's data.
This is where I see foaf+ssl coming into play when thinking/talking about OAuth. It is this authentication step in the OAuth protocol which a given service could choose to use foaf+ssl as a way of authenticating a given WebID (user).
In summary, foaf+ssl is more akin to OpenID than to OAuth. foaf+ssl allows someone to authenticate them self as the owner of a given WebID, again similar to OpenID, but will a lot less to'ing and fro'ing. But, again do correct me if I am wrong, but OAuth is a not a way of authenticating/proving identity but a facility to get two services communicating with each other.
I hope this helps,
Mischa I am not quite sure what you imagine with that 'XML profile', as this is a rather difficult thing. But possibly this could simply be a RDF document with whatever vocabulary that might be appropriate, such as FOAF, SIOC or even relationships [1]. Did you have more 'real-world' ideas about this? So, I think your idea is something rather interesting, but a little bit too early, considering the state of our work. Nonetheless, it might be added to the Ideas page on libreplanet [2]. [1] < http://purl.org/vocab/relationship> [2] < http://groups.fsf.org/wiki/Group:GNU_Social/Ideas>
_________________________________ Mischa Tuffield
|