solid-spec

Create specification for account management

Open RubenVerborgh opened this issue 6 years ago • 8 comments

We should create a simple specification for account management, such that different apps can manage accounts from different servers. This specification would consist of a set of shapes for RDF documents.

RubenVerborgh (Feb 13 '19 10:02)

Isn't this server specific? In Solid the identity and the storage should be decoupled. There are hundreds of ways of managing identity; they should all play nicely with Solid.

melvincarvalho (Feb 13 '19 10:02)

> Isn't this server specific?

Possibly parts of it, but there might also be common things. Like: what are the accounts on this server? What is the registration page on this server? Etc. Just having that in RDF would already be very useful.

> In solid the identity and the storage should be decoupled.

Yes. That is completely orthogonal to this issue, so we're good.

> There are hundreds of ways of managing identity

Note that this is not about identity; it is about accounts with a server.

RubenVerborgh (Feb 13 '19 10:02)

Sounds good, some kind of blurb about it being server specific I think would be good. So then people will know solid works with single home pages, could work with other systems that want to "upgrade" to use solid.

melvincarvalho (Feb 13 '19 14:02)

> it is about accounts with a server.

I understand storage server (OAuth Resource Server), since NSS couples IdP and RS sometimes 'the server' can get interpreted differently. I think as for creating instances of ws:Storage it probably just needs an initial ACL, anything else?

elf-pavlik (Feb 13 '19 16:02)

> since NSS couples IdP and RS

It does not. By default, it indeed provides you with an identity when you sign up for storage, but that is not mandatory. Both are independent.

RubenVerborgh (Feb 13 '19 16:02)

My WebID https://elf-pavlik.hackers4peace.net/

My WebID Profile Document (current version) https://elf-pavlik.hackers4peace.net/d6f114f2-acf5-4cf7-a9d4-89ee1a365693 (update will create new document and my WebID will 303 redirect to that new version)

My OIDC Identity Provider: https://idp.hackers4peace.net discoverable via solid:oidcIssuer

I will now set my pim:storage to:

  • drive.hackers4peace.net
  • media.hackers4peace.net

My Type Index Registry will specify which types of resources go to where in which storage.

Besides having my identity (WebID) independent from my OIDC Identity Provider, I also have my OIDC Identity Provider independent from my storages (plural).

In this issue does 'account' refer to OIDC Identity Provider account or the accounts one may create with various storage providers?

elf-pavlik (Feb 13 '19 16:02)

> In this issue does 'account' refer to OIDC Identity Provider account or the accounts one may create with various storage providers?

Both, independently.

RubenVerborgh (Feb 13 '19 16:02)

> Isn't this server specific?

> Possibly parts of it, but there might also be common things. Like: what are the accounts on this server? What is the registration page on this server? Etc. Just having that in RDF would already be very useful.

I guess we could tie this into Server Capability Discovery as well?

megoth (Feb 18 '19 14:02)