Melvin Carvalho wrote:
On Sun, Aug 30, 2009 at 7:10 PM, Kingsley Idehen<[email protected]> wrote:
Dan Brickley wrote:
On Sun, Aug 30, 2009 at 12:45 PM, Graham Klyne<[email protected]> wrote:
Dan Brickley wrote:
I'm been thinking about this idea mostly in the context of FOAF and
"social networking" portability, but I think StatusNet and the open
microblogging effort is a great place to test it, and fits with Evan's
"Control Yourself" motto here. There are also business model
implications for companies thinking about hosting too; I'm interested
on feedback there, as well as technical feedback.
I do like your ideas, and the metaphor!
Dan,
I tend to use the phrase: Personal Data Spaces as my preferred moniker
for a "point of presence on the Web" that is individually controlled.
This point of presence would allow read and write access, albeit
constrained by data access polices that leverage social networks and
other data points exposed by FOAF based profiles.
Typically, personal data spaces would be .Name or .Me domain based. In
short, they would be Linked Data aware variants of efforts such as
FreeYourID etc.
OpenLink Data Spaces (ODS) has always been about what I describe above,
the tricky part (and real hold up for years) had been the domain
registration aspect, since I've always wanted that to be loosely coupled
via REST or SOAP style of Web Services.
This is why FOAF, OpenID, OAuth, and all other relevant standards have
been part of Virtuoso (the traditional and virtual data management
layer) and ODS (application layer) for a number of years now.
Unless I'm missing something here, it sounds as if you could fake up what
you suggest by using Apache proxy+reverse proxying and the HTML rewriting
module. It's not a final solution, but maybe a way to cheaply explore what
it would be like for users, and maybe to uncover where some of the technical
issues might arise.
I'd thought of proxies, but not with HTML rewriting, that's
interesting. So a bit like greasemonkey scripts applied server-side, I
guess. Yes, that could be good way to flush out unanticipated
technical issues, fiddly interaction with things like Cookies and
cross-site scripting rules, etc.
There are lots of ways that variants of a "dockable" effect could be
achieved. The ugliest I can think of so far is HTML Frames, which some
DNS vendors (eg. Gandi) offer as a way of "forwarding" to other
domains. Painful for lots of reasons (linkability, bookmarkability),
but it shows the desire and interest is there. Another thing we're
seeing is Javascript that rewrites it's host document after calling
out to its parent site. There are 1000s of Web 2 badges and widgets
done in this style, eg. mini Flickr photo galleries or "my most recent
twitter post" sidebars. The downside here is that the generated HTML
is ephemeral; it is generated by client-side javascript code, and so
is very much a second class citizen of the Web. Such content doesn't
show up in search engines, has huge accessibility issues, and isn't
available eg. for normal HTTP-based re-use, eg. page translation
utilities. But again it shows the desire for the functionality of
putting social site content into user's sites. Facebook also have some
technologies they're pushing in this direction.
Apart from the DNS-based proposal I aired here, I have also been
thinking that the combination of something like OAuth with something
like AtomPub has a lot of potential. If sites could ask to be
delegated "posting permission", either for stable pages or for pushing
items into a blog-like stream, then you can imagine music.danbri.org
being maintained mostly, by last.fm for me; or perhaps by a
combination of last.fm, bbc music, and other musicky sites. At the
moment I'm looking at TV stuff, so the idea of a fancy site generating
a very rich user profile ("favourite actor" etc) and pushing it back
to my home site as HTML/RDFa is quite appealing. And I think the link
karma aspect might be enough to persuade some businesses that this is
worth doing...
cheers,
Ultimately, people are going to look to platforms that virtualize data
across all the Web Silos via platforms. The virtualization layer will be
capable of the following in a loosely coupled manner:
1. Domain Registration
2. DNS setup and management
3. Profile Management (using RDF based Linked Data for untethered
dimensionality)
4. Policy based Data Access (FOAF+SSL, OpenID, and OAuth depending of
data access type and data access policy granularity requirements)
5. An Identity based security model that leverages RDF, HTTP URIs, and
FOAF+SSL
6. Use HTML+RDFa as the default metadata representation mechanism
(basically the home page of the data space which is basically the
"About" segment of a typical home page).
When a platform handles the above, "danbri.org" can become the conduit
to all of you data. Basically, you will only need a given silo to
support Web Services APIs (in the most extreme cases e.g., typical Web
2.0 style "software as services" solutions) to get going.
Once we are done with #1 above (part that has protracted this entire
effort for me), I will unveil my ODS based Data Space as a live example.
I like the following approach. Your FOAF is a (read/write) entry
point to your data.
Now this can lead to other 'docked' URI's, or as a proxy to some other
part of your (access controlled) data footprint, which could be
somewhere else on the web or on your own machine via (web) socket.
WebAccessControl will determine who sees what, and how much (bandwidth
limits may apply). Updates should enter a queue on your IdP, and
relayed to you. It should work in realtime or delayed (maybe with
HTTP 200 / 202 as response to tell the initiator what happened).
You'll need to protect against spam 'mail bombs' and DDOS, but what's new?
You will leverage reputation data from the linked cloud for smart
filtering. I see your IdP as having a few core functions that it does
very well, and it's going to be really tricky to make this robust, but
probably worth the effort. Then other providers should offers
services on top, either hosted on your own server, hosted by a third
party or proxied to your own machine.
Adding a well written service (eg status) should be as easy as
dropping that file into a directory, or a git one-liner (possibly
including an embedded sqlite db). The magic sauce is in the access
control and negotiation from one party to another built on top of a
WOT linked data infrastucture.
Melvin,
Spot on! Very nice wrap up!
Kingsley
Links:
1. http://virtuoso.openlinksw.com/dataspace/dav/wiki/Main/Ods
Dan
_______________________________________________
foaf-dev mailing list
[email protected]
http://lists.foaf-project.org/mailman/listinfo/foaf-dev
--
Regards,
Kingsley Idehen Weblog: http://www.openlinksw.com/blog/~kidehen
President & CEO
OpenLink Software Web: http://www.openlinksw.com
_______________________________________________
foaf-dev mailing list
[email protected]
http://lists.foaf-project.org/mailman/listinfo/foaf-dev
--
Regards,
Kingsley Idehen Weblog: http://www.openlinksw.com/blog/~kidehen
President & CEO
OpenLink Software Web: http://www.openlinksw.com
_______________________________________________
Laconica-dev mailing list
[email protected]
http://mail.laconi.ca/mailman/listinfo/laconica-dev
