The Five Stars of Web Identity

Inspired by

http://www.w3.org/DesignIssues/LinkedData.html
http://lab.linkeddata.deri.ie/2010/lod-badges/
http://www.identityblog.com/wp-content/images/2009/06/7_Laws_of_Identity.jpg
http://5stardata.info/

I present the 5 stars of web identity:

1 Star — On the Web
===================

It’s easy for us today to think that everyone is on the Web.  But
the fact remains that in 2012, 5 billion people on the planet do not
have Web access.  One giant star should be awarded for getting people
a Web presence of any kind.  Our primary goal should be to allow
access to the digital revolution for everyone on the planet who
wants it.

2 Stars — Identity Context
======================

The second star is awarded if data is presented in a structured,
machine-readable format.  The identifier should have a context
associated with it.  It must be possible to tell whether an identifier
is, for example, a home page, an email address, a telephone number, a
certificate, or a name.  The mechanism to add this context on the web
is the Universal Resource Identifier (URI).  Using URIs to identify
things is the value proposition of the Web, and the single most
important factor in its continued evolution.

3 Stars — Structured Data
======================

Having a contextual Identity on the Web is a great start.  But it
becomes that much more useful when combined with structured data.
For example, your profile page may display your avatar, or your email
signature may display your public key.  Alternatively, an identity may
be linked to a provider that can verify the user’s authenticity.
This principle of linking structured data together is what transforms
the Web from a static document to a vibrant landscape, and is the
building block for sign-in across the Web.  For encouraging
structured data, you receive the third Star.

4 Stars — Verified Identity
======================

The fourth star is awarded for the ability to sign in on the Web.
Through the analysis of structured data, it is possible to verify
Identity.  This is often done through a trusted third party, sometimes
with a password, or in some cases, directly using some form of secure
handshaking.  Authenticating an identity allows anything from posting a
status update to online banking.  A smooth sign-in experience is key
to the evolution of the web.

5 Stars — Best Practices
=====================

The fifth and final star goes to following industry best practices.
This includes ensuring that Identity is secure, data protection is
adhered to, and access to data is correctly controlled.  Validation, or
in some cases, certification tests, must be passed.  Additionally, the
human-computer interaction should provide the best possible user
experience.  While systems may vary, the goals of identification,
authentication and authorization are common to everyone who works in
the identity space, and good solutions are beneficial to all.

Conclusion
==========

Inspired by some of the great thinking that has come before me, I’ve
hopefully presented a common sense approach to identity on the Web.

Over the past decade the identity space has seen a great deal of
progress.  But at the same time, in the excitement of bringing new
technology to a wider audience, it has become fractured.

It is sometimes valuable to step back and look at the big picture. All
identity communities have common goals.  I hope that these five
principles can bring groups together, both to see where they are on
the scale, and to work together in order to help make the Web realize
its full potential.

 


Introducing Web Credits

Web Credits is a system for creating distributed IOUs at web scale.

Rather than creating something new, it leverages existing technologies:

  1. Linked Data
  2. JSON-LD

The aim is to keep the spec under 2 pages to engender a wide uptake and provide extensible workflows for dealing with financial systems.

The first prototype, codename Opentabs, is in alpha testing.

Feel free to give it a try. The source code is available under AGPL; more info coming soon!

Solution to the Halting Problem

The following is a solution to the halting problem, which asks the question: given a description of a program, decide whether the program finishes running or will run forever. This problem is generally believed to be insoluble; however, I believe it is possible to conceive a theoretical solution as follows.


Consider a thought experiment in which quantum scientists, through subatomic particle tunneling, are able to perform a single logical operation in zero time.  Using this technology they are able to construct a quantum computer which is able to run sequential operations in zero time.  This quantum computer is set up as follows:  a light bulb goes on while the program is loaded into the computer.  The start button is pressed, and the computer starts to execute the program.  As soon as the light bulb goes off, the program is finished and you can look at the result as well as the time taken to complete.  Now it is immediately apparent that the light bulb will go off after zero time if the program halts.  It is also easy to imagine that the machine keeps on processing if the program enters an infinite loop and the light bulb will remain on.  Iff we observe that the light bulb remains on we know that the program does not halt.  Hence we have a theoretical solution to the halting problem.


QED


Enabling a Public Apache Server to Read a Client Certificate

The following is a recipe to configure an Apache Web Server to accept and read self-signed SSL client certificates. This is one of the steps to implement the FOAF + SSL protocol as outlined by Henry Story.

1. Starting assumption is that your Apache server has SSL installed and working.

If not, this is covered in depth in many other places; the easiest way is to contact your web host to get this done.

2. Change the Apache httpd.conf to enable client certificates

You will need editing rights on your httpd.conf. Here are the changes I made in order to get things working:

SSLVerifyClient optional_no_ca
SSLVerifyDepth 1

Note: SSLCACertificateFile is not set, so self-signed certificates are not checked against the trusted CAs configured on the server.

3. Add the following to the .htaccess to make the SSL variables available to PHP

SSLOptions +StdEnvVars
SSLOptions +ExportCertData

4. How to test it

The following code should be able to print out diagnostic information:

<?php
// Dump the request environment, then the parsed client certificate.
print_r($_SERVER);
print_r(openssl_x509_parse($_SERVER['SSL_CLIENT_CERT']));

An example can be seen here: https://foaf.me/test.php
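
As an added example (not part of the original post), the diagnostic above can be narrowed to the fields an application acts on. With `SSLVerifyClient optional_no_ca` Apache accepts any certificate, so the values returned here are claims the application still has to check itself; the helper name `describe_client_cert` is hypothetical.

```php
<?php
// Added example, not from the original post.

// Hypothetical helper: summarise the certificate mod_ssl exported.
// $server is normally $_SERVER; passing it in keeps the function testable.
function describe_client_cert(array $server): ?array
{
    // Set by "SSLOptions +ExportCertData"; empty when no certificate was sent.
    $pem = $server['SSL_CLIENT_CERT'] ?? '';
    if ($pem === '') {
        return null;
    }

    $cert    = openssl_x509_parse($pem);
    $key     = openssl_pkey_get_public($pem); // accepts a PEM certificate
    $details = $key ? openssl_pkey_get_details($key) : false;
    if ($cert === false || $details === false) {
        return null; // malformed PEM or unreadable key
    }

    // FOAF+SSL carries the claimed identity as a URI in subjectAltName.
    // PHP renders the extension as "URI:..., DNS:..." in one string.
    $uris = [];
    $san  = $cert['extensions']['subjectAltName'] ?? '';
    foreach (explode(', ', $san) as $entry) {
        if (strncmp($entry, 'URI:', 4) === 0) {
            $uris[] = substr($entry, 4);
        }
    }

    return [
        // mod_ssl documents NONE, SUCCESS, GENEROUS and FAILED:reason here.
        'verify'       => $server['SSL_CLIENT_VERIFY'] ?? 'NONE',
        // Unverified until the application checks the key behind each URI.
        'claimed_uris' => $uris,
        // SHA-256 of the PEM-encoded public key in the presented certificate.
        'key_sha256'   => hash('sha256', $details['key']),
        'not_after'    => $cert['validTo_time_t'],
    ];
}

header('Content-Type: text/plain');
print_r(describe_client_cert($_SERVER));
```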


If you think there’s a way to improve any of these steps, please feel free to let me know.

25 November

On this day in history I started a blog, JFK was buried, and “Do they know it’s Christmas” was recorded.

One said to “Feed the world”, the other “Together let us explore the stars, conquer the deserts, eradicate disease, tap the ocean depths, and encourage the arts and commerce”.

I believe we can make this happen.  The board is set, the pieces are in motion!