fbpx
Wikipedia

WebID

December 15, 2023

WebID is a method for internet services and members to know who they are communicating with. The WebID specifications define a set of editor's drafts to prepare the process of standardization for identity, identification and authentication on HTTP-based networks. WebID-based protocols (Solid OIDC, WebID-TLS, WebID-TLS+Delegation) offer a new way to log into internet services. Instead of using a password, for example, the member refers to another web address which can vouch for it. WebID is not a specific service or product.

Technically speaking, a WebID is an HTTP URI that denotes ("refers to" or "names") an agent on an HTTP based network such as the Web or an enterprise intranet. In line with linked data principles, when a WebID is de-referenced ("looked up"), it resolves to a profile document (a WebID-Profile) that describes its referent (what it denotes). This profile document consists of RDF model based structured data, originally constructed primarily using terms from the FOAF vocabulary, but now often including terms from other vocabularies.

Profile documents can be stored on the agent's own Web server, and access thereto may be partially or wholly constrained to specific agent identities via the use of access controls, to preserve the privacy of the profile document's subject.

Protocols edit

WebID-TLS edit

The WebID-TLS protocol (formerly known as FOAF+SSL[1]) is a decentralized and secure authentication protocol built upon the profile information as well as the Transport Layer Security (TLS) client certificates available in virtually all modern web browsers. It was first presented [2][3] for the W3C Workshop on the Future of Social Networking in 2009.

Unlike the usual SSL usage patterns, WebID-TLS does not require[4] a dedicated Certificate Authority to perform the user authorization. Users can easily mint useful identities for themselves using any TLS certificate (even self-signed ones). Using TLS client certificates for Website user authentication doesn't usually require that the user input a password, unlike many other single sign-on mechanisms, which can make WebID-TLS quite convenient. However, the client certificate selection dialogues in popular Web browsers are not yet as user-friendly as they might be, negating some of this convenience.

A web of trust based on WebID-TLS could be gradually constructed, connecting users and their activities on the World Wide Web, without formal key signing parties, making the identification harder for anyone (even the original issuing authority) to falsify.[5]

WebID-OIDC edit

WebID-OIDC was an authentication delegation protocol used by Solid. It is based on decentralized OAuth2/OpenID Connect.[6] It has been superseded by Solid OIDC[7]

Solid OIDC edit

Solid OIDC is an authentication delegation protocol used by Solid. It is a web project aiming to give individuals control over their own data. It introduces concepts where personal data is stored in "pods" (personal online data stores) and applications request permission to access specific pieces of data, rather than users providing their data to the applications.[8] It is based on OAuth2/OpenID Connect.[9]

WebID-TLS+Delegation edit

WebID-TLS+Delegation extends WebID-TLS through "On Behalf Of" headers and relationships, enabling one Agent to act with all permissions/privileges of another Agent.[10]

See also edit

References edit

  1. ^ FOAF+SSL decentralized authentication protocol.
  2. ^ . Sun Microsystems. Archived from the original on September 29, 2009.
  3. ^ "Workshop on the Future of Social Networking". Barcelona, ES: W3C. January 2009.
  4. ^ . Sun Microsystems. Archived from the original on January 22, 2009.
  5. ^ Gamble, Matthew; Goble, Carole (April 2010), "Standing on the Shoulders of the Trusted Web: Trust, Scholarship and Linked Data", Proceedings of the WebSci10: Extending the Frontiers of Society On-Line
  6. ^ WebID-OIDC Authentication Spec, September 2017
  7. ^ .Has the WebID-OIDC spec been superseded by the Solid OIDC spec?, July 2021
  8. ^ "SAML vs OIDC: All You Need to Know". OneLogin. Retrieved 2023-08-17.
  9. ^ SOLID-OIDC, July 2021
  10. ^ Sabol, Cory; Odd, Wesley; Esterline, Albert (March 2016). "Group Access Control using WebID". SoutheastCon 2016. IEEE. pp. 1–2. doi:10.1109/secon.2016.7506672. ISBN 978-1-5090-2246-5. S2CID 31073762.

External links edit

  • Official website  
  • use.id, one of the first WebID providers

December 15, 2023
webid, method, internet, services, members, know, they, communicating, with, specifications, define, editor, drafts, prepare, process, standardization, identity, identification, authentication, http, based, networks, based, protocols, solid, oidc, delegation, . WebID is a method for internet services and members to know who they are communicating with The WebID specifications define a set of editor s drafts to prepare the process of standardization for identity identification and authentication on HTTP based networks WebID based protocols Solid OIDC WebID TLS WebID TLS Delegation offer a new way to log into internet services Instead of using a password for example the member refers to another web address which can vouch for it WebID is not a specific service or product Technically speaking a WebID is an HTTP URI that denotes refers to or names an agent on an HTTP based network such as the Web or an enterprise intranet In line with linked data principles when a WebID is de referenced looked up it resolves to a profile document a WebID Profile that describes its referent what it denotes This profile document consists of RDF model based structured data originally constructed primarily using terms from the FOAF vocabulary but now often including terms from other vocabularies Profile documents can be stored on the agent s own Web server and access thereto may be partially or wholly constrained to specific agent identities via the use of access controls to preserve the privacy of the profile document s subject Contents 1 Protocols 1 1 WebID TLS 1 2 WebID OIDC 1 3 Solid OIDC 1 4 WebID TLS Delegation 2 See also 3 References 4 External linksProtocols editWebID TLS edit The WebID TLS protocol formerly known as FOAF SSL 1 is a decentralized and secure authentication protocol built upon the profile information as well as the Transport Layer Security TLS client certificates available in virtually all modern web browsers It was first presented 2 3 for the W3C Workshop on the Future of Social Networking in 2009 Unlike the usual SSL usage patterns WebID TLS does not require 4 a dedicated Certificate Authority to perform the user authorization Users can easily mint useful identities for themselves using any TLS certificate even self signed ones Using TLS client certificates for Website user authentication doesn t usually require that the user input a password unlike many other single sign on mechanisms which can make WebID TLS quite convenient However the client certificate selection dialogues in popular Web browsers are not yet as user friendly as they might be negating some of this convenience A web of trust based on WebID TLS could be gradually constructed connecting users and their activities on the World Wide Web without formal key signing parties making the identification harder for anyone even the original issuing authority to falsify 5 WebID OIDC edit WebID OIDC was an authentication delegation protocol used by Solid It is based on decentralized OAuth2 OpenID Connect 6 It has been superseded by Solid OIDC 7 Solid OIDC edit Solid OIDC is an authentication delegation protocol used by Solid It is a web project aiming to give individuals control over their own data It introduces concepts where personal data is stored in pods personal online data stores and applications request permission to access specific pieces of data rather than users providing their data to the applications 8 It is based on OAuth2 OpenID Connect 9 WebID TLS Delegation edit WebID TLS Delegation extends WebID TLS through On Behalf Of headers and relationships enabling one Agent to act with all permissions privileges of another Agent 10 See also editAuthorization IndieAuth OpenID OpenID Connect OIDC WebFingerReferences edit FOAF SSL decentralized authentication protocol foaf ssl adding security to open distributed social networks Sun Microsystems Archived from the original on September 29 2009 Workshop on the Future of Social Networking Barcelona ES W3C January 2009 foaf ssl creating a web of trust without key signing parties Sun Microsystems Archived from the original on January 22 2009 Gamble Matthew Goble Carole April 2010 Standing on the Shoulders of the Trusted Web Trust Scholarship and Linked Data Proceedings of the WebSci10 Extending the Frontiers of Society On Line WebID OIDC Authentication Spec September 2017 Has the WebID OIDC spec been superseded by the Solid OIDC spec July 2021 SAML vs OIDC All You Need to Know OneLogin Retrieved 2023 08 17 SOLID OIDC July 2021 Sabol Cory Odd Wesley Esterline Albert March 2016 Group Access Control using WebID SoutheastCon 2016 IEEE pp 1 2 doi 10 1109 secon 2016 7506672 ISBN 978 1 5090 2246 5 S2CID 31073762 External links editOfficial website nbsp use id one of the first WebID providers Retrieved from https en wikipedia org w index php title WebID amp oldid 1187817975, wikipedia, wiki, book, books, library,

article

, read, download, free, free download, mp3, video, mp4, 3gp, jpg, jpeg, gif, png, picture, music, song, movie, book, game, games.