Open RubenVerborgh opened 5 years ago
Isn't this server specific? In Solid the identity and the storage should be decoupled. There are hundreds of ways of managing identity, they should all play nicely with Solid.
Isn't this server specific?
Possibly parts of it, but there might also be common things. Like: what are the accounts on this server? What is the registration page on this server? Etc. Just having that in RDF would already be very useful.
In Solid the identity and the storage should be decoupled.
Yes. That is completely orthogonal to this issue, so we're good.
There are hundreds of ways of managing identity
Note that this is not about identity; it is about accounts with a server.
Sounds good, some kind of blurb about it being server specific I think would be good. So then people will know Solid works with single home pages, could work with other systems that want to "upgrade" to use Solid.
it is about accounts with a server.
I understand storage server (OAuth Resource Server); since NSS couples IdP and RS, sometimes 'the server' can get interpreted differently. I think as for creating instances of ws:Storage it probably just needs an initial ACL, anything else?
since NSS couples IdP and RS
It does not. By default, it indeed provides you with an identity when you sign up for storage, but that is not mandatory. Both are independent.
My WebID https://elf-pavlik.hackers4peace.net/
My WebID Profile Document (current version) https://elf-pavlik.hackers4peace.net/d6f114f2-acf5-4cf7-a9d4-89ee1a365693
(update will create new document and my WebID will 303 redirect to that new version)
My OIDC Identity Provider: https://idp.hackers4peace.net discoverable via solid:oidcIssuer
I will now set my pim:storage to:
drive.hackers4peace.net
media.hackers4peace.net
My Type Index Registry will specify which types of resources go to where in which storage.
Besides having my identity (WebID) independent from my OIDC Identity Provider, I also have my OIDC Identity Provider independent from my storages (plural).
In this issue does 'account' refer to OIDC Identity Provider account or the accounts one may create with various storage providers?
In this issue does 'account' refer to OIDC Identity Provider account or the accounts one may create with various storage providers?
Both, independently.
Isn't this server specific?
Possibly parts of it, but there might also be common things. Like: what are the accounts on this server? What is the registration page on this server? Etc. Just having that in RDF would already be very useful.
I guess we could tie this into Server Capability Discovery as well?
We should create a simple specification for account management, such that different apps can manage accounts from different servers. This specification would consist of a set of shapes for RDF documents.