@prefix : . @prefix schema: . @prefix xsd: . @prefix rdf: . @prefix rdfs: . @prefix owl: . @prefix foaf: . @prefix prov: . @prefix dcterms: . @prefix dbr: . @prefix naics: . # ── Self-describing document entity ────────────────────────────────────────── a schema:CreativeWork ; schema:name "YouID — Self-Sovereign Identity for the Agentic Web"@en ; schema:description "Knowledge graph tracing the story of self-sovereign identity: from browser incompatibility with PKI through Semantic Web standards, now democratized by LLM-powered AI Agents loosely coupled with Skills like YouID — enabling anyone to create verifiable identity for the emerging Agentic Web."@en ; schema:about :YouIDSkill ; schema:dateCreated "2026-06-19T00:00:00Z"^^xsd:dateTime ; schema:dateModified "2026-06-19T00:00:00Z"^^xsd:dateTime ; schema:author ; schema:license ; schema:keywords "self-sovereign identity, WebID, YouID, Semantic Web, DPKI, Agentic Web, AI Agents, Skills, PKI, X.509, FOAF, cert ontology, NetID"@en ; schema:inLanguage "en" ; prov:wasGeneratedBy . # ── Ontology Declaration ───────────────────────────────────────────────────── :YouIDOntology a owl:Ontology ; schema:name "YouID Self-Sovereign Identity Ontology"@en ; schema:description "A lightweight ontology defining custom classes and properties for describing self-sovereign identity systems, identity protocols, identity vocabularies, AI agent skills, and delegation relations in the YouID ecosystem."@en ; rdfs:label "YouID SSI Ontology"@en ; rdfs:comment "Custom vocabulary for the YouID self-sovereign identity knowledge graph. Defines four classes (IdentityCrisis, IdentityProtocol, IdentityVocabulary, AgentSkill) and seven properties (motivatedBy, enables, implements, simplifies, underpins, binds, hasDelegationRelation)."@en ; owl:versionInfo "1.1"@en ; schema:dateCreated "2026-06-19"^^xsd:date ; schema:dateModified "2026-06-23"^^xsd:date . # ── Custom Classes ──────────────────────────────────────────────────────────── :IdentityCrisis a rdfs:Class ; rdfs:label "Identity Crisis"@en ; rdfs:comment "A systemic gap or failure in a digital identity ecosystem that prevents users from exercising their cryptographic identity rights — e.g., the Browser PKI Gap caused by removal of client-certificate UI."@en ; rdfs:subClassOf schema:Thing ; rdfs:isDefinedBy :YouIDOntology ; rdfs:seeAlso dbr:Public_key_infrastructure , . :IdentityProtocol a rdfs:Class ; rdfs:label "Identity Protocol"@en ; rdfs:comment "A standard or protocol enabling verifiable digital identity — particularly decentralized, cryptographically provable identity without central authority dependency."@en ; rdfs:subClassOf schema:Thing ; rdfs:isDefinedBy :YouIDOntology ; owl:equivalentClass schema:Thing ; rdfs:seeAlso , . :IdentityVocabulary a rdfs:Class ; rdfs:label "Identity Vocabulary"@en ; rdfs:comment "An RDF vocabulary used to express identity-related assertions in machine-readable form — e.g., the FOAF vocabulary, the W3C cert ontology, or OpenLink's oplcert extension."@en ; rdfs:subClassOf schema:Thing ; rdfs:isDefinedBy :YouIDOntology ; rdfs:seeAlso . :AgentSkill a rdfs:Class ; rdfs:label "Agent Skill"@en ; rdfs:comment "A reusable, domain-specific capability bundle for LLM-powered AI Agents. Encodes execution knowledge, protocol routing, query templates, and output formats so that complex workflows (identity generation, SPARQL querying, RDF publishing) can be invoked via natural language."@en ; rdfs:subClassOf schema:SoftwareApplication ; rdfs:isDefinedBy :YouIDOntology ; rdfs:seeAlso , . # ── Custom Properties ───────────────────────────────────────────────────────── :motivatedBy a rdf:Property ; rdfs:label "motivated by"@en ; rdfs:comment "Relates a solution, protocol, or system to the problem or gap that motivated its creation. Inverse of :addresses."@en ; rdfs:domain schema:Thing ; rdfs:range :IdentityCrisis ; rdfs:isDefinedBy :YouIDOntology ; rdfs:seeAlso , . :enables a rdf:Property ; rdfs:label "enables"@en ; rdfs:comment "Relates an agent, protocol, or tool to a capability or identity paradigm it makes possible or accessible."@en ; rdfs:domain schema:Thing ; rdfs:range schema:Thing ; rdfs:isDefinedBy :YouIDOntology ; rdfs:seeAlso , . :implements a rdf:Property ; rdfs:label "implements"@en ; rdfs:comment "Relates a software artifact or protocol to a standard or specification it concretely realizes."@en ; rdfs:domain schema:Thing ; rdfs:range :IdentityProtocol ; rdfs:isDefinedBy :YouIDOntology ; rdfs:seeAlso . :simplifies a rdf:Property ; rdfs:label "simplifies"@en ; rdfs:comment "Relates an agent skill or tool to a complex protocol or workflow it makes accessible to non-expert users."@en ; rdfs:domain :AgentSkill ; rdfs:range schema:Thing ; rdfs:isDefinedBy :YouIDOntology ; rdfs:seeAlso . :underpins a rdf:Property ; rdfs:label "underpins"@en ; rdfs:comment "Relates a foundational standard or infrastructure to the higher-level system it supports — e.g., WebID-TLS underpins DPKI."@en ; rdfs:domain schema:Thing ; rdfs:range schema:Thing ; rdfs:isDefinedBy :YouIDOntology ; rdfs:seeAlso . :binds a rdf:Property ; rdfs:label "binds"@en ; rdfs:comment "Cryptographically links one artifact to another — specifically, binds an X.509 certificate's Subject Alternative Name URI to a dereferenceable WebID profile."@en ; rdfs:domain schema:Thing ; rdfs:range schema:Thing ; rdfs:isDefinedBy :YouIDOntology ; rdfs:seeAlso . # ── Core Entities ──────────────────────────────────────────────────────────── a :AgentSkill , schema:SoftwareApplication ; schema:name "YouID Skill"@en ; schema:description "An AI Agent Skill that generates, verifies, and manages Web-scale verifiable digital identities (NetIDs) using Semantic Web standards. Produces self-signed X.509 certificates, WebID profile documents (Turtle, JSON-LD, RDFa HTML), identity card HTML pages, and vCard VCF bundles. Uploads identity documents to WebDAV/LDP endpoints."@en ; schema:url ; schema:version "1.0.1"@en ; schema:applicationCategory "Digital Identity"@en ; schema:author ; schema:publisher ; :motivatedBy :BrowserPKIGap ; :implements :WebIDTLS , :WebIDConcept ; :enables :SelfSovereignIdentity , :AgenticWebIdentity ; :simplifies :DPKI ; owl:sameAs . :YouIDSkill owl:sameAs . :BrowserPKIGap a :IdentityCrisis ; schema:name "Browser PKI Gap"@en ; schema:description "The systemic failure arising when browser vendors progressively deprecated client-certificate authentication UI, making user-side PKI functionally inaccessible to everyday users. Although X.509 certificates existed for mutual TLS authentication, the client-facing tooling was dismantled. This severed the cryptographic link between individuals and the open web, leaving server-side TLS as a one-way trust relationship."@en ; schema:affectedBy dbr:Public_key_infrastructure , dbr:X.509 ; :enables :WebIDTLS . :WebIDTLS a :IdentityProtocol ; schema:name "WebID-TLS"@en ; schema:description "A W3C protocol that binds an X.509 certificate's Subject Alternative Name (SAN) to a dereferenceable WebID URI. When a client presents the certificate, the server fetches the WebID profile, retrieves the declared RSA public key, and verifies it matches the certificate's public key — achieving decentralized, standards-based mutual authentication without a central identity provider."@en ; :motivatedBy :BrowserPKIGap ; :implements :WebIDConcept ; :underpins :DPKI ; rdfs:seeAlso . :WebIDConcept a schema:DefinedTerm , :IdentityProtocol ; schema:name "WebID"@en ; schema:description "A dereferenceable URI that uniquely identifies an agent (person, organization, or software). When dereferenced, the URI returns a FOAF profile document declaring the agent's attributes and cryptographic public keys. WebID is the cornerstone of decentralized identity on a Semantic Web."@en ; rdfs:seeAlso . :NetIDConcept a schema:DefinedTerm ; schema:name "NetID"@en ; schema:description "A WebID bound to an X.509 certificate via a Subject Alternative Name URI. The NetID is YouID's core identity unit — it combines the cryptographic authority of PKI with the semantic richness of Linked Data, producing a machine-readable, self-verifiable identity credential."@en ; schema:isPartOf . :FOAFVocabulary a :IdentityVocabulary ; schema:name "FOAF Vocabulary"@en ; schema:description "The Friend-of-a-Friend RDF vocabulary for expressing social graphs and personal profiles in machine-readable form. FOAF provides foaf:Agent, foaf:Person, foaf:name, foaf:mbox, foaf:img, and foaf:page — the semantic primitives underpinning WebID profile documents."@en ; rdfs:seeAlso ; owl:sameAs . :CertOntology a :IdentityVocabulary ; schema:name "cert Ontology"@en ; schema:description "The W3C WebID certificate ontology providing cert:RSAPublicKey, cert:modulus, cert:exponent, and cert:key. It enables FOAF profiles to assert the RSA public key values that authenticate the WebID holder — the semantic glue that makes WebID-TLS function."@en ; rdfs:seeAlso . :OplcertOntology a :IdentityVocabulary ; schema:name "oplcert Ontology"@en ; schema:description "OpenLink's certificate extension ontology providing oplcert:Certificate (with fingerprint, SAN, IAN, and hasKey), oplcert:hasIdentityDelegate, and oplcert:onBehalfOf. It extends the W3C cert ontology to support identity delegation — allowing one agent to act on behalf of another with cryptographic provenance."@en . :DPKI a schema:Thing ; schema:name "Decentralized Public Key Infrastructure"@en ; schema:description "A model for cryptographic identity that removes the central Certificate Authority (CA) hierarchy. Instead of trusting a CA chain, trust is established by dereferencing the WebID URI and verifying the public key declared in the profile document matches the certificate presented. Anyone can be their own CA."@en ; schema:alternateName "DPKI"@en ; :underpins :WebIDTLS ; owl:sameAs dbr:Decentralized_Public_Key_Infrastructure . :X509CertificateConcept a schema:Thing ; schema:name "X.509 Certificate"@en ; schema:description "A digital certificate standard (ITU-T X.509) binding a public key to a subject identity. In the YouID model, the certificate's Subject Alternative Name URI field holds the WebID — making the certificate a cryptographic anchor for the Semantic Web identity."@en ; owl:sameAs dbr:X.509 . :SelfSovereignIdentity a schema:Thing ; schema:name "Self-Sovereign Identity"@en ; schema:description "The principle that individuals control their own digital identity without depending on a central identity provider. YouID realizes SSI through decentralized PKI (DPKI) + WebID: the identity is anchored to a URI the individual controls, the certificate is self-signed, and the public key is declared in the individual's own profile document."@en ; schema:alternateName "SSI"@en ; owl:sameAs dbr:Self-sovereign_identity . :AgenticWebIdentity a schema:Thing ; schema:name "Agentic Web Identity"@en ; schema:description "Verifiable identity for the emerging Agentic Web — the layer where LLM-powered AI Agents act on behalf of human principals. In the Agentic Web, agents must carry verifiable credentials (WebID + certificate) so that services, datastores, and other agents can authenticate and authorize actions cryptographically rather than through opaque API keys."@en . :AgenticWeb a schema:Thing ; schema:name "Agentic Web"@en ; schema:description "The next layer of the World Wide Web in which AI Agents act as first-class citizens — querying data, executing transactions, and communicating with other agents on behalf of human principals. The Agentic Web demands robust, decentralized identity so that agents can be authenticated, authorized, and held accountable."@en . :LLMPoweredAgents a schema:Thing ; schema:name "LLM-powered AI Agents"@en ; schema:description "Large-Language-Model-powered software agents that can interpret natural language instructions, orchestrate tool calls, invoke Skills, and execute multi-step workflows. When loosely coupled with Skills like YouID, they act as intelligent intermediaries that make complex protocols (DPKI, WebID-TLS, RDF generation) accessible to non-technical users."@en ; :enables :AgenticWebIdentity ; :simplifies . :AIAgentSkillsFramework a schema:Thing ; schema:name "AI Agent Skills"@en ; schema:description "Reusable, domain-specific capability bundles packaged for LLM-powered AI Agents. A Skill encodes execution knowledge, protocol routing, query templates, and output formats — enabling agents to perform complex tasks (identity generation, SPARQL querying, RDF publishing) without LLM-internal knowledge drift."@en ; rdfs:seeAlso . :SemanticWebParadigm a schema:Thing ; schema:name "a Semantic Web"@en ; schema:description "A web of machine-readable, interlinked data expressed in RDF, queryable via SPARQL, and identified by dereferenceable HTTP URIs. When applied to identity, a Semantic Web enables agents to follow their noses — dereferencing a WebID URI to discover the profile, the public key, and the social graph, all encoded in standard RDF vocabularies."@en . # ── Key People & Organizations ─────────────────────────────────────────────── a schema:Person , foaf:Person ; schema:name "Kingsley Uyi Idehen"@en ; schema:jobTitle "Founder & CEO"@en ; schema:worksFor ; schema:description "Pioneer of Semantic Web identity standards, creator of OpenLink Virtuoso and the YouID self-sovereign identity system. Idehen coined the Platinum Layer concept — using dereferenceable HTTP IRIs as stable, standardized identifiers that turn any knowledge graph into a Semantic Web node."@en ; owl:sameAs , . a schema:Organization , foaf:Organization ; schema:name "OpenLink Software"@en ; schema:description "The company that developed Virtuoso Universal Server, the YouID identity system, and a suite of AI Agent Skills for semantic web data access. OpenLink has been a pioneer of Linked Data and decentralized identity since the early 2000s."@en ; schema:url . # ── Principal Quote ────────────────────────────────────────────────────────── :PrincipalQuote a schema:Quotation ; schema:name "On the Democratization of Self-Sovereign Identity"@en ; schema:text "Browser vendors offer suboptimal UI/UX for client-certificate authentication, effectively sidelining the cryptographic link between individuals and the open web beneath layers of complexity few could navigate. Semantic Web standards — WebID, the FOAF vocabulary, and the cert ontology — rebuilt that bridge through decentralized, linked-data identity. Now, LLM-powered AI Agents loosely coupled with Skills like YouID have democratized that bridge. Anyone can generate their own verifiable, machine-readable identity for use across the emerging Agentic Web."@en ; schema:author ; schema:datePublished "2026-06-19"^^xsd:date ; schema:about :BrowserPKIGap , :WebIDTLS , :AgenticWebIdentity , . # ── NAICS Industry Classifications ─────────────────────────────────────────── naics:511210 a schema:CategoryCode ; schema:name "Software Publishers"@en ; schema:codeValue "511210" ; schema:inCodeSet . naics:541512 a schema:CategoryCode ; schema:name "Computer Systems Design Services"@en ; schema:codeValue "541512" ; schema:inCodeSet . schema:naics "511210" ; schema:naics "541512" . # ── FAQ ────────────────────────────────────────────────────────────────────── :FAQ1 a schema:Question ; schema:position 1 ; schema:name "Why did browser PKI become inaccessible to everyday users?"@en ; schema:acceptedAnswer :Answer1 . :Answer1 a schema:Answer ; schema:text "Browser vendors (Chrome, Firefox, Safari) have long provided suboptimal UI/UX for client-certificate authentication — the interface that would allow users to install X.509 certificates and present them to servers for mutual TLS authentication. The technical capability exists in the standard, but the human-facing tooling is buried beneath layers of complexity few everyday users can navigate. The result: PKI became effectively asymmetric. Servers authenticate to users via TLS, but users cannot practically authenticate to services via certificate — leaving passwords, OAuth, and API keys as the only accessible options. This is the Browser PKI Gap."@en ; schema:isPartOf :FAQ1 . :FAQ2 a schema:Question ; schema:position 2 ; schema:name "What is a WebID and how does it address the Browser PKI Gap?"@en ; schema:acceptedAnswer :Answer2 . :Answer2 a schema:Answer ; schema:text "A WebID is a dereferenceable URI that identifies an agent (person, organization, or software). When dereferenced, it returns an RDF profile document (using FOAF and the cert ontology) that declares the agent's RSA public key. WebID-TLS closes the Browser PKI Gap by shifting the trust anchor from a Certificate Authority hierarchy to the Linked Data web itself: the server fetches the WebID, retrieves the declared public key, and verifies it matches the certificate the client presented — no CA required."@en ; schema:isPartOf :FAQ2 . :FAQ3 a schema:Question ; schema:position 3 ; schema:name "What is a NetID in the context of YouID?"@en ; schema:acceptedAnswer :Answer3 . :Answer3 a schema:Answer ; schema:text "A NetID is any resolvable identifier — not limited to HTTP-based URIs — bound to an X.509 certificate via the Subject Alternative Name (SAN) field. A WebID is the HTTP-specific instance of a NetID. The YouID Skill supports both, combining the cryptographic authority of a public/private key pair with the semantic richness of a FOAF-based profile document."@en ; schema:isPartOf :FAQ3 . :FAQ4 a schema:Question ; schema:position 4 ; schema:name "What is self-sovereign identity and why does it matter?"@en ; schema:acceptedAnswer :Answer4 . :Answer4 a schema:Answer ; schema:text "Self-sovereign identity (SSI) is the principle that individuals control their own digital identity without depending on a central provider (Google, Facebook, an enterprise SSO). YouID realizes SSI through DPKI + WebID: the identity is anchored to a URI the individual controls, the X.509 certificate is self-signed, and the public key is declared in the individual's own profile document. No third party can revoke or take away the identity."@en ; schema:isPartOf :FAQ4 . :FAQ5 a schema:Question ; schema:position 5 ; schema:name "How does DPKI differ from traditional PKI?"@en ; schema:acceptedAnswer :Answer5 . :Answer5 a schema:Answer ; schema:text "Traditional PKI depends on a hierarchy of Certificate Authorities (CAs) whose root certificates are pre-installed in browsers and operating systems. Trust flows from the CA. Decentralized PKI (DPKI) replaces this with direct verification: you dereference the subject's WebID URI to retrieve their profile and declared public key, then verify the certificate matches. Anyone can be their own CA. Trust flows from the Linked Data web, not from a vendor-curated CA store."@en ; schema:isPartOf :FAQ5 . :FAQ6 a schema:Question ; schema:position 6 ; schema:name "What role does the cert ontology play in connecting X.509 to Semantic Web identity?"@en ; schema:acceptedAnswer :Answer6 . :Answer6 a schema:Answer ; schema:text "The W3C cert ontology provides cert:RSAPublicKey, cert:modulus, and cert:exponent — RDF terms that let a FOAF profile document declare the exact RSA public key values extracted from the X.509 certificate. When a WebID-TLS server fetches the profile and runs the key-match SPARQL query, it is effectively bridging the X.509 certificate world and a Semantic Web into a single cryptographic verification step."@en ; schema:isPartOf :FAQ6 . :FAQ7 a schema:Question ; schema:position 7 ; schema:name "What is the Agentic Web?"@en ; schema:acceptedAnswer :Answer7 . :Answer7 a schema:Answer ; schema:text "The Agentic Web is the next layer of the World Wide Web in which LLM-powered AI Agents act as first-class citizens — querying data, executing transactions, and communicating with other agents on behalf of human principals. Unlike today's web where humans browse and click, the Agentic Web is primarily machine-to-machine. This demands robust decentralized identity: an agent must carry a verifiable credential so that services and other agents can authenticate and authorize it without relying on shared secrets or API keys."@en ; schema:isPartOf :FAQ7 . :FAQ8 a schema:Question ; schema:position 8 ; schema:name "How do LLM-powered AI Agents with Skills democratize digital identity?"@en ; schema:acceptedAnswer :Answer8 . :Answer8 a schema:Answer ; schema:text "The YouID identity stack involves openssl commands, RDF template filling, multi-format artifact generation (Turtle, JSON-LD, RDFa HTML, vCard, X.509), and WebDAV uploads. This complexity has historically required PKI expertise. By encapsulating this knowledge in the YouID Skill and routing it through an LLM-powered AI Agent, the entire workflow becomes accessible via natural language. A user describes who they are; the agent handles the rest — including the cert generation, template filling, consistency gates, and upload."@en ; schema:isPartOf :FAQ8 . :FAQ9 a schema:Question ; schema:position 9 ; schema:name "What makes YouID different from OAuth-based identity providers?"@en ; schema:acceptedAnswer :Answer9 . :Answer9 a schema:Answer ; schema:text "OAuth-based identity (Google Sign-In, GitHub OAuth, Auth0) centralizes trust: the identity provider controls your account. If the provider suspends or deletes your account, your identity is gone. YouID is fundamentally different: the identity is anchored to a URI you control, the certificate is self-signed, and the public key is declared in your own profile document on a WebDAV/LDP server you control. The identity is portable, durable, and not subject to provider policy changes."@en ; schema:isPartOf :FAQ9 . :FAQ10 a schema:Question ; schema:position 10 ; schema:name "How does Kingsley Uyi Idehen connect the Semantic Web to the Agentic Web?"@en ; schema:acceptedAnswer :Answer10 . :Answer10 a schema:Answer ; schema:text "Idehen's thesis — articulated through OpenLink Virtuoso, the YouID system, and the Platinum Layer concept — is that the Semantic Web already provided the primitives for the Agentic Web: dereferenceable HTTP IRIs as stable identifiers, RDF for machine-readable descriptions, SPARQL for querying, and WebID-TLS for decentralized authentication. LLM-powered AI Agents with Skills like YouID are now the accessibility layer that makes these primitives usable by anyone — completing the loop from the Semantic Web vision of the early 2000s to the Agentic Web reality of the 2020s."@en ; schema:isPartOf :FAQ10 . # ── Glossary ───────────────────────────────────────────────────────────────── :GlossaryWebID a schema:DefinedTerm ; schema:name "WebID"@en ; schema:description "A dereferenceable URI that identifies an agent (person, organization, or software). Dereferencing it returns an RDF FOAF profile document declaring attributes and RSA public keys."@en ; schema:inDefinedTermSet :YouIDGlossary . :GlossaryX509 a schema:DefinedTerm ; schema:name "X.509 Certificate"@en ; schema:description "ITU-T standard digital certificate binding an RSA public key to a subject. In YouID, the SAN field carries the WebID URI — making the cert a cryptographic anchor for Semantic Web identity."@en ; schema:inDefinedTermSet :YouIDGlossary . :GlossarySAN a schema:DefinedTerm ; schema:name "SAN (Subject Alternative Name)"@en ; schema:description "An X.509 certificate extension that can contain URIs, DNS names, or email addresses. WebID-TLS places the WebID URI in this field to bind the certificate to the identity."@en ; schema:inDefinedTermSet :YouIDGlossary . :GlossaryDPKI a schema:DefinedTerm ; schema:name "DPKI (Decentralized PKI)"@en ; schema:description "A model for cryptographic identity that removes the Certificate Authority hierarchy. Trust is established by dereferencing the WebID URI and verifying the declared public key matches the presented certificate."@en ; schema:inDefinedTermSet :YouIDGlossary . :GlossaryFOAF a schema:DefinedTerm ; schema:name "FOAF (Friend of a Friend)"@en ; schema:description "An RDF vocabulary for expressing social graphs and personal profiles. Provides foaf:Agent, foaf:Person, foaf:name, foaf:mbox, and foaf:img — the semantic primitives of WebID profile documents."@en ; schema:inDefinedTermSet :YouIDGlossary . :GlossaryCertOntology a schema:DefinedTerm ; schema:name "cert Ontology"@en ; schema:description "W3C WebID certificate ontology (https://www.w3.org/ns/auth/cert) providing cert:RSAPublicKey, cert:modulus, cert:exponent, and cert:key — enabling FOAF profiles to assert the RSA public key values that authenticate the WebID holder."@en ; schema:inDefinedTermSet :YouIDGlossary . :GlossarySSI a schema:DefinedTerm ; schema:name "Self-Sovereign Identity (SSI)"@en ; schema:description "The principle that individuals control their own digital identity independently of any central provider. YouID achieves SSI through DPKI + WebID: self-signed certificate, user-controlled URI, user-controlled profile document."@en ; schema:inDefinedTermSet :YouIDGlossary . :GlossaryAgenticWeb a schema:DefinedTerm ; schema:name "Agentic Web"@en ; schema:description "The emerging layer of the web where LLM-powered AI Agents act as first-class citizens — querying, transacting, and communicating machine-to-machine on behalf of human principals."@en ; schema:inDefinedTermSet :YouIDGlossary . :GlossaryAgentSkills a schema:DefinedTerm ; schema:name "AI Agent Skills"@en ; schema:description "Reusable, domain-specific capability bundles packaged for LLM-powered AI Agents. Skills encode execution knowledge, protocol routing, and output templates — preventing knowledge drift and enabling deterministic, standards-compliant output."@en ; schema:inDefinedTermSet :YouIDGlossary . :GlossaryNetID a schema:DefinedTerm ; schema:name "NetID"@en ; schema:description "Any resolvable identifier — not limited to HTTP-based URIs — bound to an X.509 certificate via the Subject Alternative Name (SAN) field. A WebID is the HTTP-specific instance of a NetID. The YouID Skill supports both."@en ; schema:inDefinedTermSet :YouIDGlossary . :GlossaryOplcertOnBehalfOf a schema:DefinedTerm ; schema:name "oplcert:onBehalfOf"@en ; schema:description "An RDF predicate from OpenLink's cert extension ontology. It asserts a machine-computable delegation relation: the subject (an AI Agent's NetID) acts on behalf of the object (the human operator's NetID). The inverse predicate oplcert:hasIdentityDelegate expresses the same relation from the human's perspective."@en ; schema:inDefinedTermSet :YouIDGlossary . :GlossaryDelegationBundle a schema:DefinedTerm ; schema:name "Delegation Bundle"@en ; schema:description "An RDF document generated by the YouID Skill that contains two NetID/WebID profiles — one for the human operator and one for the AI Agent — plus oplcert:onBehalfOf and oplcert:hasIdentityDelegate triples formally linking them. Enables any service to verify both the agent's identity and its authorized relationship to its human principal."@en ; schema:inDefinedTermSet :YouIDGlossary . :YouIDGlossary a schema:DefinedTermSet ; schema:name "YouID Identity Glossary"@en ; schema:hasDefinedTerm :GlossaryWebID , :GlossaryNetID , :GlossaryX509 , :GlossarySAN , :GlossaryDPKI , :GlossaryFOAF , :GlossaryCertOntology , :GlossarySSI , :GlossaryAgenticWeb , :GlossaryAgentSkills , :GlossaryOplcertOnBehalfOf , :GlossaryDelegationBundle . # ── HowTo: Create Your YouID for the Agentic Web ───────────────────────────── :CreateYouID a schema:HowTo ; schema:name "Generate Your NetID or WebID Using the YouID Skill"@en ; schema:description "Eight steps to generating a verifiable, self-sovereign NetID or WebID via an LLM-powered AI Agent and the YouID Skill — including an optional step for generating an Agent Identity and machine-computable delegation bundle."@en ; schema:step :HowToStep1 , :HowToStep2 , :HowToStep3 , :HowToStep4 , :HowToStep5 , :HowToStep6 , :HowToStep7 , :HowToStep8 . :HowToStep1 a schema:HowToStep ; schema:position 1 ; schema:name "Define your WebID URI"@en ; schema:text "Choose a stable, dereferenceable URI that will permanently represent you. The URI must be on a domain or WebDAV path you control — e.g., https://yourdomain.com/people/you#me or https://linkeddata.uriburner.com/DAV/home/you/profile#me. This URI will appear in the X.509 certificate's Subject Alternative Name field and in every RDF profile document."@en . :HowToStep2 a schema:HowToStep ; schema:position 2 ; schema:name "Collect your identity parameters"@en ; schema:text "Gather: your common name, professional title, email address, organization, country code (2-letter ISO), social profile URLs (LinkedIn, X, GitHub, etc.), an optional photo URL, and an optional personal profile page URL. These become the semantic assertions in your FOAF profile document."@en . :HowToStep3 a schema:HowToStep ; schema:position 3 ; schema:name "Invoke the YouID Skill via an LLM-powered AI Agent"@en ; schema:text "Open your preferred LLM-powered AI Agent (Claude Code, GPT-5 Codex, DeepSeek, Grok CLI, etc.) and say: 'Generate a NetID / YouID identity card for [your name]'. The agent will load the YouID Skill, elicit your parameters, and orchestrate the generation workflow — no PKI expertise required."@en . :HowToStep4 a schema:HowToStep ; schema:position 4 ; schema:name "Generate your X.509 certificate with WebID SAN"@en ; schema:text "The YouID Skill runs scripts/generate_certificate.sh to produce a self-signed RSA-2048 X.509 certificate with your WebID URI in the Subject Alternative Name field. The script also extracts the modulus, exponent, fingerprints (SHA-1 and SHA-256), and NI/DI URIs into a cert_data.json file — the seed for all subsequent RDF documents."@en . :HowToStep5 a schema:HowToStep ; schema:position 5 ; schema:name "Verify public key consistency across all representations"@en ; schema:text "The Basic WebID Test gate verifies that the RSA modulus and exponent from the generated cert.p12 match the cert:modulus and cert:exponent values in profile.ttl, profile.jsonld, and index.html. This gate must pass with zero failures before any identity document is delivered or uploaded."@en . :HowToStep6 a schema:HowToStep ; schema:position 6 ; schema:name "Upload your identity bundle to WebDAV/LDP storage"@en ; schema:text "The YouID Skill uses curl PUT commands to upload all generated artifacts (profile.ttl, profile.jsonld, profile_rdfa.html, certificate.ttl, certificate.jsonld, certificate.rdfa.html, public_key.ttl, public_key.jsonld, public_key.rdfa.html, index.html, vcard.vcf, style.css, cert.pem, cert.crt) to your chosen WebDAV/LDP endpoint. The profile is now live and dereferenceable."@en . :HowToStep7 a schema:HowToStep ; schema:position 7 ; schema:name "Share your NetID or WebID URI across the Agentic Web"@en ; schema:text "Your NetID — realized here as a WebID URI — is now a verifiable, portable, self-sovereign identity credential. Share it in email signatures, social profiles, and Agentic Web service registrations. AI Agents acting on your behalf will present the X.509 certificate derived from this identity; services will verify it by dereferencing your WebID profile and matching the declared public key."@en . :HowToStep8 a schema:HowToStep ; schema:position 8 ; schema:name "Generate an Agent Identity and delegation bundle (optional)"@en ; schema:text "The YouID Skill can generate a verifiable identity for the AI Agent itself — giving the agent its own NetID or WebID and X.509 certificate. It then produces a delegation bundle: an RDF document asserting oplcert:onBehalfOf and oplcert:hasIdentityDelegate triples that formally link the agent's NetID to the human operator's NetID. The whoami command in agent environments exercises this: it returns two verified identities and the machine-computable delegation relation between them."@en . # ── Agent Delegation Entities ───────────────────────────────────────────────── :AgentDelegation a schema:Thing ; schema:name "Agent Identity & Delegation"@en ; schema:description "The capability of the YouID Skill to generate a verifiable NetID or WebID for an AI Agent and produce a machine-computable delegation bundle linking the agent to its human operator via oplcert:onBehalfOf and oplcert:hasIdentityDelegate triples."@en ; :enables :AgenticWebIdentity ; rdfs:seeAlso :OplcertOntology . :DelegationBundle a schema:Thing ; schema:name "Delegation Bundle"@en ; schema:description "An RDF document generated by the YouID Skill containing two NetID/WebID profiles — one for the human operator and one for the AI Agent — plus oplcert:onBehalfOf and oplcert:hasIdentityDelegate triples formally linking them. Enables any service to verify both the agent's identity and its authorized relationship to its human principal."@en ; schema:isPartOf . :OplcertOnBehalfOf a schema:Thing ; schema:name "oplcert:onBehalfOf"@en ; schema:description "An RDF predicate from OpenLink's cert extension ontology asserting that the subject (an AI Agent's NetID) acts on behalf of the object (the human operator's NetID). The inverse predicate oplcert:hasIdentityDelegate expresses the same relation from the human's perspective."@en ; schema:isPartOf :OplcertOntology ; rdfs:seeAlso . # ── SPARQL Queries ─────────────────────────────────────────────────────────── :SPARQL1 a schema:CreativeWork ; schema:position 1 ; schema:name "List all identity concepts with descriptions"@en ; schema:text """PREFIX schema: SELECT DISTINCT ?entity ?name ?description FROM WHERE { ?entity schema:name ?name ; schema:description ?description . FILTER(LANG(?name) = 'en') } ORDER BY ?name"""@en . :SPARQL2 a schema:CreativeWork ; schema:position 2 ; schema:name "Retrieve all FAQ question-answer pairs"@en ; schema:text """PREFIX schema: PREFIX : SELECT ?pos ?question ?answer FROM WHERE { ?q a schema:Question ; schema:position ?pos ; schema:name ?question ; schema:acceptedAnswer/schema:text ?answer . } ORDER BY ?pos"""@en . :SPARQL3 a schema:CreativeWork ; schema:position 3 ; schema:name "Retrieve glossary terms"@en ; schema:text """PREFIX schema: PREFIX : SELECT ?term ?definition FROM WHERE { ?t a schema:DefinedTerm ; schema:name ?term ; schema:description ?definition . } ORDER BY ?term"""@en . :SPARQL4 a schema:CreativeWork ; schema:position 4 ; schema:name "Retrieve HowTo steps"@en ; schema:text """PREFIX schema: SELECT ?step ?name ?text FROM WHERE { ?s a schema:HowToStep ; schema:position ?step ; schema:name ?name ; schema:text ?text . } ORDER BY ?step"""@en .