Using ESS 2.0 or CSS 5.0, is there any way to store a pim:preferences reference in your webID at the moment? I’m wanting to experiment with some security testing at the moment, and this part would be critical to achieving my goals.
Please read and comment on Proposed Conformance Model · Issue #40 · solid/webid-profile · GitHub which addresses these issues. At the moment, you would need to place the link to the pim:preferencesFile in the document pointed to from the WebID document with the foaf:primaryTopicOf predicate.
I was reading that document and figured that would be the most straightforward approach using ESS, but in my mind I figured it would be nice if servers would go ahead and assign some sort of public-private key pair on account creation and keep it in the webID profile document. This way it’d be much easier to see if someone was trying to imitate someone else in an indirect manner.
The solid:oidcIssuer ties the WebID document to the login process. You can’t be recognized as the owner of the WebID document unless you login using that issuer. Not sure how a key in the document would help. ESS does, BTW allow you as a user to change the WebID document, however that is through a special servber bypass and can’t be done with regular PUT/PATCH etc. via a script.