This is a public chat log generated from the #semsol IRC channel.
10:32:56
bengee updates irl log generator
10:33:20
now with prettier output and #-anchors for mortenf
10:33:41
s/irl/irc/
10:33:47
happy new year bengee
10:34:08
likewise, keithA
10:34:12
:)
10:38:52
(also, happy new year terraces and danbri)
10:41:12
hmm...
10:43:57
arc-bot, pointer
13:23:38
bengee uploads a new revision (2008-01-04), now with SPARQL endpoint support for jsonp/callback
13:59:17
timbl discovers the chanell via arc doc
13:59:47
BTW I had to guess .. no link from the logs to irc://irc.freenode.net/semsol
13:59:59
timbl waves anyway
14:01:10
I was actually woding whether ARC
14:01:29
ARC looks neat anyway
14:11:15
bengee waves back
14:11:15
and thx
14:12:52
I hope to get closer to SPARUL mid-term-ish, SPARQL+ was mostly to get from what I had to basic insert/delete
14:13:37
i.e. to re-use the already implemented CONSTRUCT functionality
14:14:53
you *can* do INSERT { explicit triples here }, which I think is SPARUL-compatible
14:18:01
mornin'
14:18:20
heya danbri
14:18:24
danbri internal timekeeping is all askew
14:18:50
so re updates, I was trying to read/understand OAuth the othe night
14:19:04
not sure how it fits in the picture yet
14:21:15
What I need for the tabulator to be abe to edit a page, such a s a foaf file, is a PHP script which, given a small sparl update message posted to a URI, will read an rdf file, do the patch, write the file back and reply 200.
14:21:28
(or reply 4xx is the patch doesn't work)
14:21:39
OAuth is to much copy/paste from OpenID, IMHO. It's ok for OpenID to be browser-centric, but for auth, I'd want something that my software agent can do for me
14:21:58
What is ARC written in?
14:22:06
php :)
14:22:33
entirely
14:22:40
yes
14:22:46
+mysql for the strage
14:22:51
storage
14:22:52
Soinstall on a friendly web server is easy.
14:23:07
It has an in-memory triple store, though?
14:23:12
yes, I'm currently working with danbri on a wordpress plugin
14:23:18
So i can parse, patch, serialize?
14:23:53
you can do certain things in memory (parse, merge, serialize), but no sparql yet unfortunately
14:25:20
I was playing a bit with file updates before x-mas (that DriftR screencast, in case you saw it), but don
14:25:49
the fact that it could sit happily inside any Wordpress installation as a plugin is just great :)
14:26:14
there area lot of wordpresses arond ... and people have already done the sysadmin to set up the SQL stores, webservers etc
14:27:05
danbri, http://arc.semsol.org/media/2008/01/04/wp-rdf-tools-admin.gif
14:27:15
timbl, did you get anywhere with all that proof-carrying authentication stuff?
14:27:44
ah, nice bengee!
14:28:04
Theer are ongoing projects which uses proofs ... right now we are playing more wit justifying appropriate use in accountability.
14:28:09
the features list should (a) omit the destructive ones, as you do (b) list their names in the help text, so people can term them on again
14:28:16
*turn
14:28:54
begee, "max limit" is sec cpu time?
14:28:56
I think I should add a pwd protection to the endpoint, but then it might be ready for a first "try it"
14:29:13
re proof stuff, ... i was thinking ... say my date of birth was in a named graph that was READable only by a colleague ...
14:29:56
and I define colleague as (informally) their openid URL is listed in a specfied foaf:Group
14:30:16
"max limit" is just LIMIT in the query, but there is a "timeout" option for mysql processes (not in the wp screen, though)
14:30:38
could we have incoming queries to the sparql endpoint also come with a header that explained which foaf:Group the sender was in, and the endpoint would check a trusted graph for each named graph needed
14:30:44
i'm handwaving excessively...
14:31:00
bengee, ah .. then suggest you put what th e limit is in the UI.
14:31:33
yeah, you're right
14:31:48
heh
14:32:04
I was lazy, creating forms in WP is a nightmare
14:32:07
danbri, the incomming query yes should have some sort of ID available.
14:32:17
At the moment, we do out access control by document.
14:32:17
ID?
14:32:17
At the moment, we do out access control by document.
14:32:17
ID?
14:32:29
Openid, foafid,
14:32:43
(How do you do openid on an XGR tarnsaction?)
14:32:49
XHR
14:33:05
yeah I can't see how openid could be used in automated contexts, its too human UI'y
14:33:27
i *thought* idea with OAuth was to allow the human UI bit to drop out of view more, by granting tokens
14:33:31
But suppose we use OpeniD, and the authentication of the openid is that it is in a whitelist which has been generated from a social graph crawl of some sort.
14:33:53
Then the srever has access to the credentials.
14:33:57
so you would have a one time hit of the human going thru a loop like: "photo printing service would like to see your photos and read your private metadata"
14:34:02
which involves web pages and humans reading
14:34:31
for knowee I was thinking of a combination of openid + token + basic http auth
14:34:34
but hands the machines eg 2 timelimited role-specific machine tokens, which can then be used in software by the photo printer and metadata reader
14:34:41
(Like ' #DIG -> faf:member -> foaf-> knows -> foaf:knows -> foaf:openid)
14:34:44
yeah
14:35:03
I
14:35:23
since nobody used the OWL thingy for defining group membership rules, I figured lets see if SPARQL gets any interest
14:35:48
then you can have policy rules which relate the credentials to the access to documents.
14:35:54
graphs, therefore.
14:36:27
you could also play with filtering the SPARQL results, but that is new territory. But aalogues to advances SQL security, I think.
14:37:02
http://xkcd.com/327/
14:37:04
People have used OWL for polciy langauges.
14:37:28
yes, 327 is a favourite.
14:37:36
:)
14:37:52
you should hire him! w3c must need a cartoonist...
14:39:32
ok hmm so where are we? what's the simplest patch to bengee's sparql endpoint that could allow remote agents to flaunt oath permissions to get to private metadata?
14:40:22
I think i) assume a sparql storage policy where the named graph URI simply is the document URI. Other legit policies exist, eg. for version history querying, but its a nice simple model
14:40:25
w3c can't afford to hire all the good people
14:40:35
ah, yeah, I remember :)
14:41:05
(he'd probably guest-illustrate a spec though... hmm)
14:41:53
danbri, I made some notes on http://esw.w3.org/topic/SweoIG/TaskForces/CommunityProjects/knowee/Brainstorming
14:42:13
in "Access to non-public contact data "
14:42:24
ii) assume that the oauth is for read and/or write against URIs that match named graph URIs
14:42:31
it's not OAuth, though, as that doesnt work with server scripts
14:42:48
http://xkcd.com/364/ | sed -e 's/signed her public key/put her in my FOAF profiile/'
14:43:07
shame the cartoons aren't in svg then :)
14:43:13
:)
14:43:32
I don
14:43:39
the getting of the permissions requires human ui / www
14:43:39
If you have to OCR it then probably they don't want you to get the data.
14:43:39
the getting of the permissions requires human ui / www
14:43:39
If you have to OCR it then probably they don't want you to get the data.
14:43:50
for openid/
14:43:54
but once you've got the tokens, machines can use them freely, no?
14:44:08
OCR yeah
14:44:08
They must be able to.
14:44:08
OCR yeah
14:44:08
They must be able to.
14:44:14
(scrople)
14:44:21
Scroble and facebook)
14:44:27
I watched his video cast last night
14:44:41
asked some questions, but they scrolled past too quick for him to see 'em
14:45:13
OAuth (so far) doesn't allow your semweb agent to retrieve a protected resource because it can't authenticate without a human being logged in somewhere
14:45:21
one issue there, is that people are leaking their friends semi-private data
14:45:26
But anyway, I could try asking the systeam hers if tey coul dput ARC2 on the server to support inceremental editing of RDF files.
14:45:40
Also the FOAF in tabulator needds more work.
14:46:03
i still plan to blog our discussion the other night...
14:46:59
can't it provide token in the WWW-Auth header?
14:47:21
i only skimmed the spec at 3am one night...
14:47:57
it woudl have to get back a 403, which most openid systems don't do
14:48:03
that's what I'd like to do with RDFAuth, but I don't think OAuth works w/o the redirect dance
14:48:22
they give 200 and and some "why don
14:49:03
The redirect dnce is OK, but the tabualtor acecsing data has to have a clue taht this redirect s an openid one.
14:49:17
and not just follow it and parse the login screen and stop/
14:49:19
yeah, it works for in-browser apps
14:49:45
well, those which use links, not thise which ise XMLHTTPRequest.
14:50:46
i think i'll try get me a helloworld oauth installation to get learning with
14:51:08
i don't doubt your reading bengee, as I say, just skimmed. but there are numerous extensions in the works i'm sure...
14:51:14
logger, pointer?
14:51:22
arc-bot, pointer
14:51:40
i'll take a look at the knowee stuff, also revisit that recent blog post from danny weitzner
14:52:01
bengee wonders about a way to detec a failed openid login...
14:52:35
I wrote an openid consumer for knowee, IIRC there could be a way to catch those
14:52:54
Some header added?
14:53:06
can you check the final URL you end up with after the redir dance?
14:53:36
I woudl like similarly to be able to catch "Welcome to the Hyatt Guest Wifi -- what room arte you in" fake pages whcih don
14:53:59
openid has a spec-fixed "access denied" result parameter I think
14:54:00
(spend some time debugging tabulator to find what happened the first time :-()
14:54:11
where?
14:54:27
bengee checks his code
14:54:57
as a header?
14:55:09
or in some magic of te redirect URI?
14:55:43
yeah, appended to the return_to URL, I think
14:56:02
so that evil scripts don't know what exactly failed
14:56:13
I can't program tabulator to fish fior smegthing coded in a URI
14:57:09
It is the initial redirect which needs to be caught, so control can be handed over to a live user.
14:57:35
Then eventually, the control will get back to the tabulator code somehow.
14:57:47
could also be tricky.
15:00:00
ah, I see
15:00:39
if the tabulator just wanted to look someting up, like an ontology or some policy rules or something, and had to authenticate.
15:03:04
so you'd have to make tabulator act as a client for a remote openid consumer, that's tricky indeed
15:03:21
danbri finds http://opensourcecommunity.org/2007/12/07/oauth:-php-library-authentication-open-social
15:12:13
timbl, I could have a try at that php-update script. would those updates be simple fwrites to the local file sytem, or did you mean remote editing?
15:12:20
timbl wonders about trying arc2 on w3.org
15:12:43
i'd try it on a DIG dev machine first, since it's changing fast
15:12:48
bengee's rev'd it 3 or 4 times already this week...
15:13:03
hmm but does w3.org have Wordpress? i forget what you chose for blogs
15:13:25
heh, looks like a drupal extension is next, then ;)
15:13:25
Why need blogs?
15:13:25
heh, looks like a drupal extension is next, then ;)
15:13:25
Why need blogs?
15:14:00
no, just that the wordpress-addon could be another way to install it
15:14:12
Why do I need a blog is I have arcs? if i jjust wan to useit for editing rdf files remotely with tab'r?
15:14:24
just thinking out loud
15:14:47
when i think of w3.org i think of "hmm how to integrate with cvs, and ACLs, etc" and its scary, that
15:16:58
a container like wp or drupal can be handy to generate UIs, e.g. Jonathan Hendler created an experimental faceted browser + editor using drupal
15:17:35
.. or as a permission handler
15:18:07
I think we could make that wp plugin re-use the blog's permission system
15:18:21
oh that'd be handy
15:18:22
not sure if I want to dive that deep into wp, though..
15:18:37
it works for the admin screen so far
15:18:39
esp if the wp has the openid extension too, people might be authenticating with openid ...
15:18:53
so you could know who the logged in party was in some grander sense
15:19:19
"danbri killed my endpoint 2 min ago" etc?
15:19:27
sorry ;)
15:21:50
All I want is basically to fix the site so if I make any file .rdfe say it is a live editable RDF file, which will respond to POSTs of SPARQL updates.
15:22:07
and gives MS-Author-Via: SPARQL header.
15:22:15
Nor much to ask :)
15:23:41
too save bandwidth, vs doing it locally and re uploading the entire rdf doc?
15:23:46
*to
15:23:47
that would be per-triple updates, right?
15:24:46
ah, and you'd like to POST to the .rdfe file directly?
15:29:04
Not just bandwidth, but round trip
15:33:47
that ms-author-via detection and POST UPDATE is aleady active in tab'r, isn't it?
15:34:13
so I could try it out locally?
15:42:21
bengee doesn't have webdav, though, would have to fake it
15:45:21
bengee adds a link from the html logs to the irc channel
15:46:06
bengee, why do you need webdfav/
15:46:09
webdav?
15:46:28
isn't ms-author-via some webdav thingy?
15:46:45
(like: tx -- that will help people find you)
15:47:01
thx for the hint :)
15:47:20
Well, it was introduced by MS which of course used proprieray dfont page extensions, to tell their stuff to use the webdav standard.
15:47:29
instead.
15:47:38
MS-author-via: Webdav
15:47:46
ah
15:48:00
they kind squatted onHTTP headert space so we kinda squatted on teir field vale space.
15:48:12
heh
15:48:12
So you need to send MS-Author-Via: SPARQL
15:48:12
heh
15:48:12
So you need to send MS-Author-Via: SPARQL
15:48:36
which means "Don
15:48:46
Maybe we should have stripped the MS
15:48:55
and then tab'r will send back a POST to that URL?
15:49:07
But the header is in use wit webdav already
15:49:16
Yup, it will send a post
15:49:21
using AndyS's SPARUL?
15:49:25
with the sparql-query content type
15:49:33
Bascialy, yes.
15:49:52
EricP's which is the same as AndyS's when you don't do complicated things, I tink
15:50:07
INSERT {...} WHERE
15:50:21
Wheras I think you have INSERT CONSTRCT { } WHERE { }
15:50:26
from the doc
15:50:45
The graph is the default graph, the document the POST is postedf to.
15:50:49
yeah, or just INSERT { }
15:51:15
Can I do INSERT { } WHERE { }?
15:51:23
with common variables?
15:51:43
no, I'd have to tweak my parser
15:52:00
but making CONSTRUCT optional wouldn't be hard
15:52:12
I'd buy you a beer :)
15:52:24
I'll have another look at sparul
15:52:27
to get the sparql*s closer :)
15:53:00
I don't see any need for CONSTRUCT -- I see INSERT more taking its place.
15:53:07
(or DELETE)
15:53:48
I found it intuitive as an upgrade path for people who know CONSTRUCT already
15:58:08
it also allows you to specify datasets more precisely, in SPARUL, you can't define a dataset for the where part that differs from the target graph
15:59:21
e.g. insert into <g1> CONSTRUCT { ... } FROM <g2>
16:01:11
i.e. you have all possibilities of CONSTRUCT, and then just hand the results over to the INSERT handler
16:04:19
no solution modifiers in sparul either, hmm
16:04:54
Bat can't the syntax for INSERT be just that CONSTRUCT is replaces by INSERT?
16:05:39
You mean you don
16:06:04
Well, maybe we'll have to get you and EricP adn AndyS to sit down together
16:06:52
I do have INTO, but SPARUL is actually a subset of what can be doen with SPARQL+, I always thought it was the other way round
16:07:33
I don't need, as a user, anything complicated (yet ;-) but I woudl like convergence!
16:07:51
Woudl it be godo to have a SWIG ScheduleTopicChat on it?
16:08:28
If I make the CONSTRUCT optional in INSERT CONSTRUCT, there should be an overlap between SPARQL+ and SPARUL that covers most of the cases, I think
16:08:31
http://esw.w3.org/topic/ScheduledTopicChat
16:08:51
well, the tabulator will wok.
16:08:55
work,
16:08:58
:)
16:09:52
it looks as though the w3.org system team may have algae doing sparql updates under ACL control on the min site in a couple of weeks.
16:09:53
ScheduledTopicChat could be useful
16:10:18
EricP would be alogical person to set it up.
16:11:22
I'll mail him
16:11:26
cool
16:11:34
i don't think he is back yet
16:12:00
compatible syntax for aggregates is probably a low-hanging fruit, too
16:46:26
yep, a topical chat
16:46:29
i miss those...
16:46:49
danbri curses the EU for their lack of vision
16:46:56
I liked it when the EU funded me to hang out in IRC more :)
16:47:18
now they do odd thing like theseus...
16:47:34
how's that going?
16:47:44
that's more DE than EU, though
16:48:04
i think it got a lot of the semweb funding in the last round
16:48:14
i was on 5 or 6 bids, they all tanked
16:48:16
it
16:49:43
maybe we could get a sparql-update modest sized project funded
16:49:51
it's discrete and useful ...
16:49:54
thy are inviting individuals to submit their ideas, which are then slurped up the usual suspects (empolis, otnoprise, etc)
16:49:58
or maybe that prob is just solvable in a chat
16:50:03
slurped up *by*
16:50:24
danbri nods
16:50:38
ok, i'm off to nose around that oauth php library, back in a bit
16:53:03
theseus sounds a lot like smartweb, which promised a semantic fifa worldcup on mobile phones, but then created ontology mediation environment no #135 or something equally boring
17:13:21
danbri installed facebook foaf exporter on foaf sandbox machine too
17:14:17
dauntless danbri
17:37:10
bengee updates http://arc.semsol.org/media/2008/01/04/wp-rdf-tools-admin.gif
17:39:48
not sure if I'll be online this weekend, but the plugin is almost ready for a first release I think. I'll put it up in a day or three
17:40:55
cya, gtg
17:50:07
danbri grins at http://arc.semsol.org/media/2008/01/04/wp-rdf-tools-admin.gif
19:42:06
(rewining and rereading ... So what can you sparql over? A mysql-backed store?)
19:43:59
Wow .. a UI update. Neat.
19:44:17
I wish some othe comments I make were implemented as fast ;-)
19:44:42
timbl can't resist clicking on checkboxes in screendumps
19:45:18
yes, mysql backed
19:45:29
fast - yeah, that's why I like ARC :)
19:45:45
clicking :)
20:23:25
Just found myself clicking on http://www.techcrunch.com/wp-content/friendcsv-export.jpg
20:39:56
danja now has a live wordpress install ready for testing any plugins that float by #semsol...
20:42:55
hey danja
20:43:11
last we heard: "bengee: not sure if I
20:43:32
oh right, cool
20:43:36
i'm stuck :/
20:43:47
trying to get the foaf facebook exporter running
20:43:52
oh
20:43:57
i mailed the author, ... stuck on php stupidness
20:44:04
ew
20:44:10
what happens?
20:44:12
he didn't bundle the fb (c) libraries, cos the foaf app is gpl
20:44:23
so am trying to recreate his setup, with the latest php from fb
20:44:25
ouch
20:44:26
i suspect it changed
20:44:40
i have a choice of 2 errors
20:44:47
if i include facebook.php i get:
20:44:47
[client 86.146.142.48] PHP Notice: Undefined index: facebook_config in /var/www/html/2008/foaf/fb/facebookapi_php5_restlib.php on line 54
20:44:48
sounds predictable...
20:44:48
[client 86.146.142.48] PHP Notice: Undefined index: facebook_config in /var/www/html/2008/foaf/fb/facebookapi_php5_restlib.php on line 1375
20:44:48
[client 86.146.142.48] PHP Notice: Undefined index: facebook_config in /var/www/html/2008/foaf/fb/facebookapi_php5_restlib.php on line 1375
20:44:48
[client 86.146.142.48] PHP Fatal error: Uncaught exception 'FacebookRestClientException' with message 'Invalid API key' in /var/www/html/2008/foaf/fb/facebookapi_php5_restlib.php:1391\nStack trace:\n#0 /var/www/html/2008/foaf/fb/facebookapi_php5_restlib.php(1391): FacebookRestClient::call_method()\n#1 /var/www/html/2008/foaf/fb/facebookapi_php5_restlib.php(81): FacebookRestClient->call_method('facebook.auth.g...', Array)\n#2 /var/www/html/2008/foaf/fb
20:44:48
[client 86.146.142.48] PHP Fatal error: Uncaught exception 'FacebookRestClientException' with message 'Invalid API key' in /var/www/html/2008/foaf/fb/facebookapi_php5_restlib.php:1391\nStack trace:\n#0 /var/www/html/2008/foaf/fb/facebookapi_php5_restlib.php(1391): FacebookRestClient::call_method()\n#1 /var/www/html/2008/foaf/fb/facebookapi_php5_restlib.php(81): FacebookRestClient->call_method('facebook.auth.g...', Array)\n#2 /var/www/html/2008/foaf/fb
20:44:48
sounds predictable...
20:44:56
if i don't, i get: [client 86.146.142.48] PHP Fatal error: Class 'Facebook' not found in /var/www/html/2008/foaf/fb/facebookapi_php5_restlib.php on line 53
20:45:10
i think i have a decent api key ... but hard to know!
20:45:23
danja not up on php
20:46:00
can you test the key through curl or something?
20:46:40
class not found sounds like compile/caching weirdness
20:47:07
no, its a big jumble of complex stuff so using the supplied php lib is only sane way
20:47:20
i'm not going to be able to canonicalise and hash the url args correctly, etc
20:47:36
yeurgh
20:47:55
ask scoble :-)
20:48:01
danbri pops this off the stack for now, goes back to oauth
20:48:16
heh, that was Plaxo OCR'ing *images* of email addresses
20:48:21
danja hopes for a danbri blog post on that, save trawling
20:48:48
on the fb/plaxo thingy? nah, i'll probably pass
20:48:58
on oauth
20:49:39
oh sure, if i make it do anything
20:49:40
danja started looking around yadis earlier...didn't take long to run out of steam
20:49:59
i want a way to manage permissioning around the named graphs used in sparqlpress stores
20:50:07
yadis, yeah i never got to the bottom of that one
20:50:37
first impressions aren't pretty
20:50:49
with oauth, best place to start is the example walk thru at end
20:50:52
of spec
20:50:59
sparqlpress? yea-ha!
20:51:17
oh right, ta
20:51:35
danja legs it into backroom for guitar practice
20:51:38
laters
20:56:50
tara