WebID is a method for internet services and members to know who they are communicating with. The WebID specifications define a set o
to prepare the process of standardization for identity, identification and authentication on HTTP-based networks. WebID-based protocols (Solid OIDC, WebID-TLS, WebID-TLS+Delegation) offer a new way to log into internet services. Instead of using a password, for example, the member refers to another web address which can vouch for it. WebID is not a specific service or product.
Technically speaking, a WebID is an HTTP URI that denotes ("refers to" or "names") an agent on an HTTP based network such as the Web or an enterprise intranet. In line with linked data principles, when a WebID is de-referenced ("looked up"), it resolves to a profile document (a WebID-Profile) that describes its referent (what it denotes). This profile document consists of RDF model based structured data, originally constructed primarily using terms from the FOAF vocabulary, but now often including terms from other vocabularies.
Profile documents can be stored on the agent's own Web server, and access thereto may be partially or wholly constrained to specific agent identities via the use of access controls, to preserve the privacy of the profile document's subject.
Protocols
WebID-TLS
The WebID-TLS protocol (formerly known as FOAF+SSL) is a decentralized and secure authentication protocol built upon the profile information as well as the Transport Layer Security (TLS) client certificates available in virtually all modern web browsers. It was first presented for the W3C Workshop on the Future of Social Networking in 2009.
Unlike the usual SSL usage patterns, WebID-TLS does not require a dedicated Certificate Authority to perform the user authorization. Users can easily mint useful identities for themselves using any TLS certificate (even self-signed ones). Using TLS client certificates for Web site user authentication doesn't usually require that the user input a password, unlike many other single sign-on mechanisms, which can make WebID-TLS quite convenient. However, the client certificate selection dialogues in popular Web browsers are not yet as user-friendly as they might be, negating some of this convenience.
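The check a WebID-TLS verifier makes in place of CA validation, as an added example (not code from the WebID specifications or from any implementation): each URI in the client certificate's subjectAltName is a claimed WebID, and the claim is accepted only if the dereferenced profile attaches the certificate's public key to that same WebID, using the cert:key, cert:modulus and cert:exponent terms of the W3C cert ontology. The function names, the https-only policy and the sample data are assumptions of this example; the TLS handshake, certificate parsing, HTTP fetch and RDF parsing are assumed to be done elsewhere and to hand over plain triples.

```python
from urllib.parse import urldefrag, urlsplit

CERT = "http://www.w3.org/ns/auth/cert#"  # W3C cert ontology namespace

def profile_url(webid):
    """URL of the profile document: the WebID without its fragment."""
    parts = urlsplit(webid)
    # Policy assumed by this example: only absolute https WebIDs are accepted.
    if parts.scheme != "https" or not parts.netloc:
        raise ValueError("WebID must be an absolute https URI")
    return urldefrag(webid).url

def keys_for(webid, triples):
    """RSA (modulus, exponent) pairs the profile attaches to this exact WebID."""
    nodes = {o for s, p, o in triples if s == webid and p == CERT + "key"}
    found = set()
    for node in nodes:
        props = {p: o for s, p, o in triples if s == node}
        try:
            found.add((int(props[CERT + "modulus"], 16),
                       int(props[CERT + "exponent"])))
        except (KeyError, ValueError):
            continue  # incomplete or malformed key description is ignored
    return found

def verify_webid(san_uris, cert_key, fetch_triples):
    """Return the claimed WebIDs whose profile lists the certificate's key."""
    verified = []
    for webid in san_uris:
        try:
            triples = fetch_triples(profile_url(webid))
        except (ValueError, LookupError):
            continue  # bad URI or no profile: the claim stays unverified
        if cert_key in keys_for(webid, triples):
            verified.append(webid)
    return verified

# Constructed sample data: one profile document describing two agents.
ALICE = "https://alice.example/card#me"
BOB = "https://alice.example/card#bob"
PROFILES = {"https://alice.example/card": [
    (ALICE, CERT + "key", "_:k1"),
    ("_:k1", CERT + "modulus", "00C0FFEE"), ("_:k1", CERT + "exponent", "65537"),
    (BOB, CERT + "key", "_:k2"),
    ("_:k2", CERT + "modulus", "BADC0DE5"), ("_:k2", CERT + "exponent", "65537"),
]}
ALICE_KEY, BOB_KEY = (0xC0FFEE, 65537), (0xBADC0DE5, 65537)
```

Calling verify_webid([ALICE], BOB_KEY, PROFILES.__getitem__) returns an empty list: a key that appears in the profile document but is attached to a different subject does not authenticate the claimed WebID.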
A web of trust based on WebID-TLS could be gradually constructed, connecting users and their activities on the World Wide Web, without formal key signing parties, making the identification harder for anyone (even the original issuing authority) to falsify.
WebID-OIDC
WebID-OIDC was an authentication delegation protocol used by Solid. It is based on decentralized OAuth2/OpenID Connect. It has been superseded by Solid OIDC.
Solid OIDC
Solid OIDC is an authentication delegation protocol used by Solid. It is based on OAuth2/OpenID Connect.
WebID-TLS+Delegation
WebID-TLS+Delegation extends WebID-TLS through "On Behalf Of" headers and relationships, enabling one Agent to act with all permissions/privileges of another Agent.
See also
* Authorization
* IndieAuth
* OpenID
* OpenID Connect (OIDC)
* WebFinger
External links
* use.id, one of the first WebID providers