Yesterday, TimBL talked about Distributed Social Networking Through Socially Aware Cloud Storage during the W3C Social Web XG meeting. I’m not going to discuss the huge potential strategic impact of this, but rather focus on a certain ‘technical’ detail that caught my attention. In his (related) design note Socially Aware Cloud Storage, he writes:
Access control files for a resource are discovered by a client using the HTTP link header.
Fair enough. So assuming we use the WebAccessControl vocabulary in an access control file (ACF) to restrict access to a resource on the Web. So, how exactly should the interaction take place? What should we use as a @rel-value for the HTTP Link: header? Does it make sense for the user agent (UA) to evaluate the ACF? Is the ACF discovery necessary at all?
Here is what I came up with so far:
Ah, btw, once this is sorted I’ll update the WACup demo with it …
UPDATE: As rightly pointed out by Melvin on #swig IRC channel, the use case for the discovery is to be able edit/change an ACF. See also the paper Using RDF Metadata To Enable Access Control on the Social Semantic Web by the DIG folks where they have proposed to use the rel=’meta’ value; I’ve hence corrected the above figure.