Add Security section, with a few references. Improve linking to external resources.
|Deletions are marked like this.||Additions are marked like this.|
|Line 16:||Line 16:|
|* See http://www-public.telecom-sudparis.eu/~berger_o/weblog/2013/11/06/generating-webid-profiles-for-debian-project-members/ for a more recent experiment.||* See [[http://www-public.telecom-sudparis.eu/~berger_o/weblog/2013/11/06/generating-webid-profiles-for-debian-project-members/|this blog entry]] for a more recent experiment.|
|Line 24:||Line 24:|
|See : http://www-public.telecom-sudparis.eu/~berger_o/weblog/2013/06/06/new-paper-authoritative-linked-data-descriptions-of-debian-source-packages-using-adms-sw-accepted-at-oss-2013/||See [[http://www-public.telecom-sudparis.eu/~berger_o/weblog/2013/06/06/new-paper-authoritative-linked-data-descriptions-of-debian-source-packages-using-adms-sw-accepted-at-oss-2013/|blog entry about linked data descriptions of debian source packages]]|
|Line 30:||Line 30:|
|The WebID+TLS specs are being worked on at the W3C. See http://www.w3.org/wiki/WebID#What_is_the_WebID_Authentication_Protocol.3F for details.||The WebID+TLS specs are being worked on
[[http://www.w3.org/wiki/WebID#What_is_the_WebID_Authentication_Protocol.3F|at the W3C]].
|Line 40:||Line 41:|
|== Security ==
* [[https://security.stackexchange.com/questions/5406|Security comparison between WebID and Persona]]
* [[http://www.w2spconf.com/2012/papers/w2sp12-final18.pdf||Security, Privacy and Usability Requirements for Federated Identity (PDF)]]
WebID is a standard being developped at the W3C, which could be used in relation to some Debian Web services.
- Identification of Debian contributors
- Interlinking contributor profiles with other meta-data of Debian artifacts
- Using WebID+TLS for authentication on Web services (SSO, etc.)
Identification of Debian contributors
Each Debian contributor may have a WebID compatible profile published by some Debian service.
For instance, Debian project members are listed by http://db.debian.org/, so the same information could be provided in a standard way on such a service.
Some experiment are being conducted in this area :
See also the contributors.debian.org project, which intends to provide a profile for Debian contributors.
Interlinking contributor profiles with other meta-data
WebIDs profiles being Linked Data, they can be integrated with other meta-data in RDF, like the PTS'.
Using WebID+TLS for authentication on Web services
Combining WebID with client TLS certs, could be a mean for allowing authentication to Debian Web services.
The WebID+TLS specs are being worked on at the W3C.
It could be an alternative to other means being used : DebianSingleSignOn
Interested by the use of WebID for the Debian project ? Contact us on : firstname.lastname@example.org (archives : http://lists.alioth.debian.org/pipermail/debwebid-discuss/).
See also : ContributorsInformationSources