WebID Protocol is an authentication and authorization protocol
that links a "Web ID" or "Personal URI " to a public key to create a
global, decentralized, distributed, and secure authentication
system that functions with existing browsers.
WebID Protocol uses PKI standards - usually thought of as
hierarchical trust management tools - in a decentralized web-of-trust way . The web of trust
is built using semantic web vocabularies (particularly FOAF
) published in RESTful manner to form Linked Data.
Based on well known existing standards, WebID Protocol is
currently in development, and is being discussed on the FOAF protocols mailing list .
Automatic discovery of interpersonal trust relationships enables
automatic application of appropriate permissions.
In other words, data owners can set fuzzy permissions like "only
let my friends see this" or "only let my family edit this."
Applications can discover the relationships between the data owner
and the data requester/user, and permit (or disallow) any attempted
actions, without needing the data owner to explicitly set
permissions for each potential user.
One example might be a parent setting permissions on a photo
gallery, to permit viewing only by "immediate family". The parent
need not list each and every such relative specifically for this
application - and need not add new permissions for a new family
member (whether by marriage, birth, or otherwise), though they do
need to be added to the owner's FOAF. When a new user comes and
asks to see the pictures, the gallery application would check the
relationships declared by each person (the owner and the visitor),
and if they matched up (in other words, the visitor could not get
in simply by claiming a family relationship; the relationship must
be confirmed by the owner's FOAF data), the pictures would be