coulomb/identity-canon
2
0
Fork 0
generated from coulomb/repo-seed
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
1c1b5c9bc6c757fdd10c643ccd356d665c0cf5c5
identity-canon/research/social-community-graphs/webid-solid-profile.md
tegwick 1c1b5c9bc6 Complete IDENTITY-WP-0003 corpus backfill and model refinement 
Backfill all 23 research source notes with terminology extracts, modeling
assumptions, conflicts, canonical mappings, and references. Refresh terminology
artifacts, refine the conceptual model with explicit scenario paths, reconcile
canon surfaces and open questions, and mark the workplan finished.
2026-06-21 20:22:20 +02:00

4.4 KiB
Raw Blame History

WebID and Solid Profile

Source Type

Standard and ecosystem specification. WebID (W3C CG) for decentralized identifiers; Solid Protocol for user-controlled data pods and profiles.

Domain

Decentralized identity-style profile discovery, user-controlled storage, and WebID-based identification.

Why This Source Matters

WebID/Solid support user-controlled profiles and decentralized identity-style profile discovery, relevant to persona, identifier, and data-sovereignty semantics.

Key Concepts

  • WebID: HTTP(S) URI identifying an agent; dereferencing yields profile document (RDF).
  • WebID profile document: RDF description of agent with type, name, certificates, and links.
  • Solid Pod: user-controlled personal data store with access control.
  • Solid Profile: extended profile in pod with extended attributes and preferences.
  • WebID-OIDC: bridge binding OIDC authentication to WebID URI.
  • Agent type in profile: self-described person or organization.
  • ACL (WAC / ACP): resource-level access control on pod resources.
  • Type Index: registry of resource types in a pod.
  • Identity provider linkage: OIDC issuer associated with WebID.

Relevant Terminology

Term Source meaning
WebID HTTP URI identifying an agent; profile at same URL.
Profile document RDF at WebID URI describing the agent.
Pod User-controlled storage space.
Solid Profile Profile data stored in pod.
Agent Entity described by WebID (person or org).
WebID-OIDC OIDC flow producing ID token with WebID claim.
ACL Access control on pod resources.
Type Index Discovery of pod resource categories.
issuer OIDC provider linked to WebID authentication.

Modeling Assumptions

  • Identifier (WebID URI) is primary; profile is dereferenceable description.
  • User controls data placement in pod, not only profile attributes.
  • Agent self-describes type (person/org) in RDF profile.
  • Authentication can bind OIDC subject to WebID via WebID-OIDC.
  • Access control is resource-centric on pod, separate from identity record.
  • No central directory; discovery via URI dereferencing.
  • Multiple profiles/pods per person possible across providers.

Identity-Canon Implications

  • WebID URI maps to Identifier (globally dereferenceable).
  • Profile document maps to Profile with RDF attributes.
  • Pod maps to user-controlled Scope for data storage.
  • Agent in profile maps to Actor (Natural Person or Organization).
  • WebID-OIDC binding maps to Synonymity Assertion / Identifier Binding between OIDC sub+iss and WebID URI.
  • ACL maps to authorization projection on resources in pod Scope.
  • Supports S14 (pseudonymous/scoped identity), S02 (multiple profiles), user sovereignty goals from ResearchSeed.

Terminology Conflicts

  • WebID vs. DID: both decentralized identifiers; different ecosystems and resolution models.
  • Profile vs. Account: Solid profile is data surface; may not include login credentials on same system.
  • Agent vs. Actor: WebID agent is self-described entity; canon Actor is broader participation root.
  • Identity vs. WebID: developers equate WebID with whole identity.
  • ACL vs. Authorization Principal: pod ACL uses WebID URIs as agents.

Candidate Canonical Mappings

WebID/Solid concept Candidate canonical concept
WebID URI Identifier
Profile document Profile
Solid Pod Scope (user-controlled data)
Agent (in RDF) Actor
WebID-OIDC binding Identifier Binding / Synonymity Assertion
OIDC iss + sub Scoped Identifier
ACL agent Authorization Principal (WebID URI)
Type Index Profile/discovery metadata
Pod resource Resource (downstream)

Open Questions

  • Should WebID URI be a distinct Identifier subtype vs. generic HTTP URI?
  • How should WebID-OIDC binding strength compare to OIDC pairwise sub (S14)?
  • Does pod Scope warrant a canonical "Data Scope" specialization?
  • Should Solid ACL remain purely authorization projection, or inform Relationship types for resource sharing?

References

Reference in New Issue View Git Blame Copy Permalink