WebID

WebID is a method for internet services and members to know who they are communicating with. The WebID specifications define a set o

to prepare the process of standardization for identity, identification and authentication on HTTP-based networks. WebID-based protocols (Solid OIDC, WebID-TLS, WebID-TLS+Delegation) offer a new way to log into internet services. Instead of using a password, for example, the member refers to another web address which can vouch for it. WebID is not a specific service or product. Technically speaking, a WebID is an HTTP URI that denotes ("refers to" or "names") an agent on an HTTP based network such as the Web or an enterprise intranet. In line with linked data principles, when a WebID is de-referenced ("looked up"), it resolves to a profile document (a WebID-Profile) that describes its referent (what it denotes). This profile document consists of RDF model based structured data, originally constructed primarily using terms from the FOAF vocabulary, but now often including terms from other vocabularies. Profile documents can be stored on the agent's own Web server, and access thereto may be partially or wholly constrained to specific agent identities via the use of access controls, to preserve the privacy of the profile document's subject.


Protocols


WebID-TLS

The WebID-TLS protocol (formerly known as FOAF+SSL) is a decentralized and secure authentication protocol built upon the profile information as well as the Transport Layer Security (TLS) client certificates available in virtually all modern web browsers. It was first presented for the W3C Workshop on the Future of Social Networking in 2009. Unlike the usual SSL usage patterns, WebID-TLS does not require a dedicated Certificate Authority to perform the user authorization. Users can easily mint useful identities for themselves using any TLS certificate (even self-signed ones). Using TLS client certificates for Web site user authentication doesn't usually require that the user input a password, unlike many other single sign-on mechanisms, which can make WebID-TLS quite convenient. However, the client certificate selection dialogues in popular Web browsers are not yet as user-friendly as they might be, negating some of this convenience. A web of trust based on WebID-TLS could be gradually constructed, connecting users and their activities on the World Wide Web, without formal key signing parties, making the identification harder for anyone (even the original issuing authority) to falsify.
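The check a WebID-TLS relying party performs, as an added example that is not code from this page or from the WebID specifications: the client certificate names the claimed WebID in its subjectAltName, and the claim is accepted only if the profile at that URI publishes the same RSA key, which is why a self-signed certificate is sufficient. The host `alice.example`, the toy modulus, the `PROFILES` stand-in for an HTTPS fetch, the HTTPS-only policy and the regex reading of Turtle are assumptions of this example; the TLS handshake is assumed to have already proven possession of the private key.

```python
import re
from urllib.parse import urldefrag, urljoin, urlsplit

# Constructed profile document for a hypothetical agent; the dict stands in
# for an HTTPS GET of the profile with normal server-certificate validation.
PROFILES = {"https://alice.example/card": """
@prefix cert: <http://www.w3.org/ns/auth/cert#> .
@prefix xsd: <http://www.w3.org/2001/XMLSchema#> .
<#me> cert:key [ a cert:RSAPublicKey ;
    cert:modulus "00cb24ed85d64d794b"^^xsd:hexBinary ;
    cert:exponent 65537 ] .
"""}

# Simplification: a regex over one Turtle shape. A real verifier parses the RDF.
KEY_RE = re.compile(
    r'<(?P<subj>[^>]*)>\s+cert:key\s+\[[^\]]*?'
    r'cert:modulus\s+"(?P<mod>[0-9a-fA-F\s]+)"\^\^xsd:hexBinary\s*;\s*'
    r'cert:exponent\s+(?P<exp>\d+)', re.S)


def published_keys(webid):
    """Return the (modulus, exponent) pairs the profile attaches to this WebID."""
    doc_url, _fragment = urldefrag(webid)
    if urlsplit(doc_url).scheme != "https":
        # Policy of this example: an unauthenticated fetch proves nothing.
        raise ValueError("profile must be fetched over HTTPS")
    text = PROFILES.get(doc_url, "")
    keys = set()
    for m in KEY_RE.finditer(text):
        # Count only keys whose subject is the claimed WebID itself, not
        # any other agent described in the same document.
        if urljoin(doc_url, m["subj"]) == webid:
            keys.add((int(re.sub(r"\s", "", m["mod"]), 16), int(m["exp"])))
    return keys


def verify_webid_tls(san_uris, cert_modulus, cert_exponent):
    """Return the SAN URIs whose profile publishes the certificate's RSA key."""
    verified = []
    for uri in san_uris:
        try:
            if (cert_modulus, cert_exponent) in published_keys(uri):
                verified.append(uri)
        except ValueError:
            continue  # reject this claim, keep checking the others
    return verified
```

An empty result means no claimed WebID was verified and the request is treated as unauthenticated; a verified WebID is an identity only, and authorization is decided separately.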


WebID-OIDC

WebID-OIDC was an authentication delegation protocol used by Solid. It is based on decentralized OAuth2/OpenID Connect. It has been superseded by Solid OIDC.


Solid OIDC

Solid OIDC is an authentication delegation protocol used by Solid. It is based on OAuth2/OpenID Connect.


WebID-TLS+Delegation

WebID-TLS+Delegation extends WebID-TLS through "On Behalf Of" headers and relationships, enabling one Agent to act with all permissions/privileges of another Agent.


See also

* Authorization
* IndieAuth
* OpenID
* OpenID Connect (OIDC)
* WebFinger


External links

* use.id, one of the first WebID providers