[OpenID] My answers to the nominee questions
Peter Watkins
peterw at tux.org
Fri Dec 12 18:15:13 UTC 2008
On Thu, Dec 11, 2008 at 11:24:17PM -0800, Luke Shepard wrote:
> Who am I? I have long been passionate about privacy on the internet. I'd love to see a world in which I can go anywhere and perfectly control the information that comes with me.
Like Shade, I'm happy to see the word "privacy". But I don't see how that
fits with Connect's technical model, of letting facebook.com not only learn
about every hit to a Connect-enabled URL, but send JS code that could do
even more on the client side. I see a fundamental difference in the privacy
protections afforded by the current OpenID standard and Connect. At its core,
OpenID allows the user to decide what RPs learn about their identity/identities.
It fits with the old Internet model of allowing users to hold multiple nyms
if they choose. The Facebook model is one of trusting a central repository
to hold all your data and (heopfully) only release what you authorize. It
delegates to the developers, admins, and DBAs of Facebook the responsibility
for safegauarding user privacy.[0]
Why should the OpenID community trust you when your employer, despite your
obvious importance and influence, doesn't accept or offer OpenID? Why should
the OpenID community trust your passion about privacy, given the architectural
models for information security and federated login that you, at your day job,
support? That you proclaim as being "a great product"?
> I am an engineer on the Facebook Connect team. I've worked a lot on both the developer and the user interfaces, and I have some ideas about how to improve the OpenID experience for both users AND developers. Improve for users increases value, and improving for developers lowers costs-
Let's hear 'em!
-Peter
[0] There's an element of server trust in OpenID, too (e.g. I cannot keep
Google from revealing my email address when I use it for OpenID), but since
a user can have multiple different URLs and OPs, there's at least a way
that individuals can better compartmentalize nyms without trusting the
operators and designers of remote systems. Not quite CardSpace, but certainly
more user control & privacy than Connect offers.
More information about the general
mailing list