Yadis Examples

Christopher Schmidt crschmidt at crschmidt.net
Tue May 17 08:58:46 PDT 2005

Some tools, some code, and some thoughts.

LiveJournal Specific at the moment, until I learn how to parse invalid

Python implementation using Redland[1] RDF parsing to find the URI to

Python implementation using xml.dom.minidom to find an identity server
to use.

I'm not quite sure how I'm supposed to decrypt the DSA signature that
LiveJournal's Yadis server returns: I tried importing the sig into GPG,
to do it that way, but it seems that the public key that LiveJournal
exports is not valid. I'm not really sure if it's important, either,
unless I'm concerned about man-in-the-middle attacks, since the identity
server must preserve arguments, and I can just pass an argument with the
original URI along.

Couple concerns about the RDF/FOAF aspect of it:

There's no indication in LiveJournal's FOAF file that says who a
particular file is about. The fact that Christopher Schmidt is listed
first in http://crschmidt.livejournal.com/data/foaf doesn't neccesarily
mean it's his file. What happens when multiple people's identity servers
are stored in a file, and the first one isn't the right one to
authenticate against?

I suppose it doesn't really make a difference: if you're using two
identity servers in one FOAF file, you're really doing something wrong
if that file doesn't work at both, but data does sometimes get copied
around in FOAF without people noticing these kind of things.

There is a way in FOAF to say "This file is about this person": the
patch discussed at
http://www.livejournal.com/community/lj_dev/675451.html implements it
for LiveJournal. The relevant bit is:

+        $ret .= "  <foaf:PersonalProfileDocument rdf:about=''>\n";
+        $ret .= "      <foaf:maker rdf:nodeID='a'/>\n";
+        $ret .= "      <foaf:primaryTopic rdf:nodeID='a'/>\n";
+        $ret .= "  </foaf:PersonalProfileDocument>\n";
+    $ret .= ($comm ? "  <foaf:Group rdf:nodeID='a'>\n" : "
<foaf:Person rdf:nodeID='a'>\n");

This says "The primary topic of this file is the person identified by
node a", and adds node a to the primary person.

This would make things a bit more in line with the idea of using FOAF
for more than one person.

I also already mentioned the fact that the yadis property points to a
literal rather than a URI: <yadis:identityServer>foo</> rather than
<yadis:identityServer rdf:resource="http://foo" />, which is the typical
way to indicate that something is a URI in RDF. Discussion in lj-dev[2].

Okay, I'm ranting, and this is long and boring.  I think the
implementation is cool, and I'm looking forward to seeing more about it
and more tools that use it.

[1] http://librdf.org/
[2] http://www.livejournal.com/community/lj_dev/683939.html?thread=7272099

Christopher Schmidt
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: Digital signature
Url : http://lists.danga.com/pipermail/yadis/attachments/20050517/3b483cb9/attachment.pgp

More information about the yadis mailing list