[OpenID] A little crypto-politics: crypto anarchism, VeriSign OpenID, OpenID brand meaning

Sun Sep 9 02:37:11 UTC 2007

> You know perfectly well that you're breaking a thread (or trying to),
> and that replies to your offlist comment won't appear in the archive
of
> this list.

Yes I know that there was an offlist reference; I was following Henry's
convention, to the best of my meager abilities and limited to what the
live.com blogging service offers me. A little over cautious, it seems to
limit the range of web techniques I can exploit. (I can iframe a rdf
file it hosts, but not iframe a third party URL that renders a view
exploring that same file... except when previewing the  blog entry. Upon
publication, MSFT just strips out the HTML controls with such insecure
elements (without telling you, even! Most confusing! What it preview
does not mean "what it will later deem "acceptable for publication"))

And, yes I know the blogsite has, like others, its commenting forum
(which I may yet learn to curtail, by individual post). The nature of
ATOM and RSS means, I believe, that I cannot stop others maintaining
commenting forums on my posts there, outside my control, however. I'll
try later, tho. It's fun to see how traditional information control
flows that govern social relations are emerging, in the newer
communication modalities - much as they did in usenet and irc. It's a
nice use case set, to see how OpenID System of ideas plays out, once the
id claims are communicated and actually used - in the brave new world of
the web.

There has to be away, for example, in which I can use a common OpenID
(with several different OPs acting in support) to have both an email
identity, and also one or more blog centric identities: be proper on
corporate email, be decorous on community email, rant about politics on
a personal blog, share tools and knowhow material on a professional
blog, share photos of the kids on holiday -- on the family-only
photosite...

There has to be a way in which the semantics of a common id used in n
different forums can be distinguished, without inducing cross-culture
violations when there is cross-over references using a URI (which is
SUPPOSED to be universal!). This problem set was what (wrongly) I
thought openID/UCI was all about initially (once I saw XRDS providing OP
switching, for a single claimed_id, each OP providing different security
semantics when issuing its variety of signed claims about a given URL).
Of course this is not UCI. UCI is just the moniker for the
infocard-like notion of controlling the _release_ of some or other
pre-assigned attributes to particular RPs, as controlled by in the midst
of an IDP local auth experience. The protocol's enforcement of UCI
controls are entirely independent of OP discovery controls, in the
design.

Back to cross community use of a single ID (with multiple OPs, one per
community perhaps) - the original topic that set me off on this email.
This just has to be possible without segmenting, say, email URIs totally
off from related discussion forums on which the same URI are being
happily cited, by making such as citations to blog entries a community
violation. Given half a chance, just look HOW FAST one can be accused of
performing thread-breakings, intentional tampering with the
auto-email-archival-based auditing, ...  