[OpenID] OpenID, P2P and decentralization
Recordon, David
drecordon at verisign.com
Fri Mar 2 19:58:43 UTC 2007
Agreed, but I'm not talking as a RP or OP, but as a person. If I see
you using http://paul.madsen.name for example on a public service such
as Jyte, is it wrong for me to treat it as a public identifier?
We're not talking about technology here beyond the initial start in
terms of using a technology such as XFN or FOAF for me as a person
deciding to broadcast my social network of public identifier. I'm not
advocating for this be done in any sort of automatic fashion...just as I
don't automatically publish a list of every email address which emails
me.
--David
-----Original Message-----
From: Paul Madsen [mailto:paulmadsen at rogers.com]
Sent: Friday, March 02, 2007 11:56 AM
To: Recordon, David
Cc: general at openid.net
Subject: Re: [OpenID] OpenID, P2P and decentralization
Hi David, before you listed that email of mine, you asked yourself 'Has
Paul made this identifier publicly available?' As I had, you felt it was
safe to broadcast it.
But, who is to say that I want all of my OpenIDs publicized in the same
fashion? I might use one only at a particular set of RPs or in a
particular context. If I share such a contextual OpenID with yourself in
order to represent some social connection between ourselve, have I
given up all rights with respect to what you do with it?
OpenID is an IDP discovery mechanism and a SSO protocol, it shouldn't
dictate a particular privacy model.
paul
Recordon, David wrote:
> Agreed, if you're using a public identifier then what is the harm.
>
> I'd also have no problem giving someone your email address,
> paulmadsen at rogers.com, since you've made it a public identifier by
> posting to publicly archived mailing list. Same would apply for
> something like Ben Laurie's phone number since he posts it publicly at
> http://www.apache-ssl.org/ben.html.
>
> Now if you've shared an identifier with me which you don't use in a
> public fashion, then I would respect that and not share it.
>
> So same thing with an OpenID URL or iname. If it is being used
> publicly http://davidrecordon.com or =kaliya then I don't see why it
> being referenced in a public fashion is a bad thing.
>
> --David
>
> -----Original Message-----
> From: general-bounces at openid.net [mailto:general-bounces at openid.net]
> On Behalf Of Carl Howells
> Sent: Friday, March 02, 2007 11:37 AM
> To: Paul Madsen
> Cc: general at openid.net
> Subject: Re: [OpenID] OpenID, P2P and decentralization
>
> (Sorry for the double-email Paul, I forgot how this list is set up.)
>
> Because an OpenID isn't private information? The whole *point* of the
> system is that it's a public-facing identifier.
>
> Carl
>
> Paul Madsen wrote:
> > David, you wouldn't give out my email, my home address, my SIN, or
> my phone number without asking yourself whether I might object, why
> should an OpenID be different?
> >
> > paul
> _______________________________________________
> general mailing list
> general at openid.net
> http://openid.net/mailman/listinfo/general
>
>
>
--
Paul Madsen e:paulmadsen @ ntt-at.com
NTT p:613-482-0432
m:613-302-1428
aim:PaulMdsn5
web:connectid.blogspot.com
More information about the general
mailing list