WebID

A WebID is an HTTP URI that denotes ("refers to" or "names)" an agent on HTTP based networks e.g., the Web or an enterprise Intranet.

The WebID specification is being developed and debated on the W3C WebID Community Group. Please don't hesitate to join and ask us about any implementation issues you come accross, problems with the spec, new implementations you have written that use WebID in one form or another - webid.info

In line with Linked Data principles, when you De-reference ("look up") a WebID, it resolves to a profile document that describes its referent (what it denotes). This profile document consists of RDF model based structured data, constructed initially using terms from the FOAF vocabulary, but now often including terms from other vocabularies.

Specifications

  • Web Access Control

According to the WC3 specs, a WebID implementation must have following properties - w3.org:

  • Agents should be able to control their identity
  • This identity should be linkable across sites - placing each agent in a Web of Relationships
  • The Web of Relationships should build a Web of Trust that allows each agent to determine for himself what Trust Anchors he wishes to be guided by
  • It should be possible to describe each agent flexibly
  • It should enable Global Authentication
  • it should allow flexible Access Control that is both easy for humans and machines to use and understand
  • It should be respectful of privacy
  • The whole lifecycle of an Identity, from setting up a profile, to editing it, to possibly deleting it should require nothing more than HTTP, extended by the Linked Data Platform.

The WebID+TLS protocol (formerly known as FOAF+SSL) is a decentralized and secure authentication protocol built upon the profile information as well as the Transport Layer Security (TLS) client certificates available in virtually all modern web browsers.

WebID-RSA is somehow similar to WebID + TLS, in that a public RSA key is published in the WebID profile, and the user will sign a token with the corresponding private key that matches the public key in the profile - github

Keybase is a website, but it's also an open source command line program. Let's walk through a terminal example, which illustrates what Keybase does. All of this can be embedded into other software, written by anyone - keybase.io

Access Control

Profile documents can be stored on the agent's own Web server, and access thereto may be partially or wholly constrained to specific agent identities via the use of access controls, to preserve the privacy of the profile document's subject.

An article describing the promise of integrating NodeJS and WebID - magnetik.github.io