WebID

WebID is a method for internet services and members to know who they are communicating with. The WebID specifications define a set of [https://dvcs.w3.org/hg/WebID/raw-file/tip/spec/identity-respec.html editor's drafts] to prepare the process of standardization for identity, identification and authentication on HTTP-based networks. WebID-based protocols (Solid OIDC, WebID-TLS, WebID-TLS+Delegation) offer a new way to log into internet services. Instead of using a password, for example, the member refers to another web address which can vouch for it. WebID is not a specific service or product.

Technically speaking, a WebID is an HTTP URI that denotes ("refers to" or "names") an agent on an HTTP based network such as the Web or an enterprise intranet. In line with linked data principles, when a WebID is de-referenced ("looked up"), it resolves to a profile document (a WebID-Profile) that describes its referent (what it denotes). This profile document consists of RDF model based structured data, originally constructed primarily using terms from the FOAF vocabulary, but now often including terms from other vocabularies.

Profile documents can be stored on the agent's own Web server, and access thereto may be partially or wholly constrained to specific agent identities via the use of access controls, to preserve the privacy of the profile document's subject.

Protocols

= WebID-TLS =

The [http://www.w3.org/2005/Incubator/webid/spec/tls WebID-TLS] protocol (formerly known as FOAF+SSL; see [http://esw.w3.org/topic/foaf+ssl FOAF+SSL decentralized authentication protocol]) is a decentralized and secure authentication protocol built upon the profile information as well as the Transport Layer Security (TLS) client certificates available in virtually all modern web browsers. It was first presented {{cite web|url=http://blogs.sun.com/bblfish/entry/foaf_ssl_adding_security_to |publisher=Sun Microsystems |title=foaf+ssl: adding security to open distributed social networks |url-status=dead |archiveurl=https://web.archive.org/web/20090929094316/http://blogs.sun.com/bblfish/entry/foaf_ssl_adding_security_to |archivedate=September 29, 2009 }}{{cite web | url = http://www.w3.org/2008/09/msnws/ | publisher = W3C | title = Workshop on the Future of Social Networking | location = Barcelona, ES | date = January 2009}} for the W3C Workshop on the Future of Social Networking in 2009.

Unlike the usual SSL usage patterns, WebID-TLS does not require{{cite web|url=http://blogs.sun.com/bblfish/entry/more_on_authorization_in_foaf |title=foaf+ssl: creating a web of trust without key signing parties |publisher=Sun Microsystems |url-status=dead |archiveurl=https://web.archive.org/web/20090122175444/http://blogs.sun.com/bblfish/entry/more_on_authorization_in_foaf |archivedate=January 22, 2009 }} a dedicated Certificate Authority to perform the user authorization. Users can easily mint useful identities for themselves using any TLS certificate (even self-signed ones). Using TLS client certificates for Web site user authentication doesn't usually require that the user input a password, unlike many other single sign-on mechanisms, which can make WebID-TLS quite convenient. However, the client certificate selection dialogues in popular Web browsers are not yet as user-friendly as they might be, negating some of this convenience.
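The following added example (not code from the WebID specifications or any implementation) sketches the check that lets a verifier accept a self-signed certificate: the certificate's Subject Alternative Name URI is treated as a claimed WebID, and the claim holds only if the profile at that URI lists the same public key under the W3C cert ontology. It assumes the TLS handshake has already proved possession of the private key; the <code>fetch</code> helper, the profile store, the https-only policy and all sample values are constructed for illustration.

```python
from urllib.parse import urldefrag, urlsplit

CERT = "http://www.w3.org/ns/auth/cert#"    # W3C cert ontology namespace
ALICE = "https://alice.example/profile#me"  # constructed WebID

# Constructed profile store: document URL -> (subject, predicate, object) triples,
# standing in for an HTTP GET plus RDF parse of the WebID-Profile.
PROFILES = {
    "https://alice.example/profile": [
        (ALICE, CERT + "key", "_:k1"),
        ("_:k1", CERT + "modulus", "00c0ffee 1234abcd"),  # hexBinary, loosely formatted
        ("_:k1", CERT + "exponent", "65537"),
    ],
}

def fetch(doc_url):
    """Hypothetical dereference step; raises LookupError if the profile is unreachable."""
    return PROFILES[doc_url]  # KeyError is a LookupError subclass

def hex_to_int(value):
    """Parse a modulus ignoring whitespace, colons, case and leading zeros."""
    return int("".join(value.split()).replace(":", ""), 16)

def verify_webid(cert, fetch=fetch):
    """Return the SAN URIs whose profile document lists the certificate's public key."""
    verified = []
    for claimed in cert["san_uris"]:
        if urlsplit(claimed).scheme != "https":
            continue  # example policy: the profile fetch itself must be authenticated
        doc_url, _ = urldefrag(claimed)  # strip "#me" to get the document to fetch
        try:
            triples = fetch(doc_url)
        except LookupError:
            continue  # unreachable profile: the claim stays unverified
        for key in (o for s, p, o in triples if s == claimed and p == CERT + "key"):
            props = {p: o for s, p, o in triples if s == key}
            try:
                if (hex_to_int(props[CERT + "modulus"]) == cert["modulus"]
                        and int(props[CERT + "exponent"]) == cert["exponent"]):
                    verified.append(claimed)
                    break
            except (KeyError, ValueError):
                continue  # malformed key description never matches
    return verified

# Constructed certificates: SAN URIs and RSA key as already read from the TLS handshake.
GENUINE = {"san_uris": [ALICE], "modulus": 0xC0FFEE1234ABCD, "exponent": 65537}
FORGED = {"san_uris": [ALICE], "modulus": 0xBADC0DE, "exponent": 65537}
```

Anyone can mint a certificate naming Alice's WebID, so the certificate alone proves nothing; the identity is only as strong as control over the profile document and the channel it is fetched over.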

A web of trust based on WebID-TLS could be gradually constructed, connecting users and their activities on the World Wide Web, without formal key signing parties, making the identification harder for anyone (even the original issuing authority) to falsify.{{citation | url = http://journal.webscience.org/312/ | last1 = Gamble | first1 = Matthew | last2 = Goble | first2 = Carole | title = Proceedings of the WebSci10: Extending the Frontiers of Society On-Line | contribution = Standing on the Shoulders of the Trusted Web: Trust, Scholarship and Linked Data | date = April 2010}}

= WebID-OIDC =

WebID-OIDC was an authentication delegation protocol used by Solid. It is based on decentralized OAuth2/OpenID Connect.{{citation | url = https://github.com/solid/webid-oidc-spec | title = WebID-OIDC Authentication Spec | date = September 2017}} It has been superseded by Solid OIDC.{{citation | url = https://github.com/solid/webid-oidc-spec/issues/39#issuecomment-785971912 | title = Has the WebID-OIDC spec been superseded by the Solid OIDC spec? | date = July 2021}}

= Solid OIDC =

Solid OIDC is an authentication delegation protocol used by Solid. It is based on OAuth2/OpenID Connect.{{citation | url = https://solid.github.io/authentication-panel/solid-oidc/ | title = SOLID-OIDC | date = July 2021}}

= WebID-TLS+Delegation =

WebID-TLS+Delegation extends WebID-TLS through "On Behalf Of" headers and relationships, enabling one Agent to act with all permissions/privileges of another Agent.{{Cite book |last1=Sabol |first1=Cory |last2=Odd |first2=Wesley |last3=Esterline |first3=Albert |chapter=Group Access Control using WebID |date=March 2016 |title=SoutheastCon 2016 |chapter-url=http://dx.doi.org/10.1109/secon.2016.7506672 |pages=1–2 |publisher=IEEE |doi=10.1109/secon.2016.7506672|isbn=978-1-5090-2246-5 |s2cid=31073762 }}

References

{{reflist}}