Blogger: Mike Gotta
FOAF (Friends of a Friend) [project site, Wikipedia definition], pops up now and then but you have to look for it if you are in the enterprise software space. Major enterprise vendors tend to dismiss it, ignore it or switch the conversation to their own approach - but FOAF is still worth knowing about if you want to maintain a level of industry awareness and remain open to different viewpoints that may end up augmenting whatever approach you decide to adopt (even if its related to a vendor's product).
I think it's also important to learn about these initiatives (FOAF, XFN, etc) because smart people in the field of social networking are not all working for traditional collaboration or large platform vendors. I don't mean that as a cheap-shot but many times the people that innovate, or force us to take a fresh, hard look at a topic, are those sources not bounded by a product roadmap or vendor agenda and can see broader possibilities. For instance, two interesting "food for thought" examples:
25C3: Privacy in the social semantic web
We propose a network architecture where users keep the total control of access to their data. Instead of using a client-to-server architecture like traditional social networks do, we use the Extensible Messaging and Presence Protocol XMPP also known as the jabber instance messaging network. Like in instant messenger programs, people can add friends to their personal network. Once they mutually authorized each other, personal data can be exchanged. A public-private-key infrastructure on top of the xmpp communication ensures that message cannot be intercepted or read by any third party – including the xmpp server itself. The semantic part in our application are the information exchanged between the clients. We decided to use existing ontologies and schemas like FOAF (Friend of a Friend) and the Tag Ontology. In our first prototype users are able to create their personal profile and to bookmark and tag websites. Those data can then be exchanged with friends. Another feature are recursive searches of those bookmarks which allows to retrieve bookmarks of friend-of-friends (as long as they give their permission). We decided to use semantic technologies because we also wanted to show how a semantic web could look like in future. The overall goal is to develop an open, distributed system to exchange information - privately and protected.
foaf+ssl: adding security to open distributed social networks
One major criticism of open networks is that they seem to have no way of protecting the personal information distributed on the web or limiting access to resources. Few people are willing to make all their personal information public, many would like large pieces to be protected, making it available only to a select group of agents. Giving access to information is very similar to giving access to services. There are many occasions when people would like services to only be accessible to members of a group, such as allowing only friends, family members, colleagues to post a blog, photo or comment on a site. How does one do this in a maximally flexible way, without requiring any central point of access control?
Using an intuition made popular by OpenID we show how one can tie a User Agent to a URI by proving that he has write access to it. foaf+ssl is architecturally a simpler alternative to OpenID (fewer connections), that uses X.509 certificates to tie a User Agent (Browser) to a Person identified via a URI. However, foaf+ssl can provide additional features, in particular, some trust management, relying on signing FOAF files, in conjunction with set of locally trusted keys, as well as a bridge with traditional PKIs. By using the existing SSL certificate exchange mechanism, foaf+ssl integrates more smoothly with existing browsers (pictures with Firefox) including mobile devices, and permits automated sessions in addition to interactive ones.