[OpenID] Combining Google & Yahoo user experience research

Johannes Ernst jernst+openid.net at netmesh.us
Wed Oct 15 05:26:02 UTC 2008 

What about you charter EAUT as a proper OpenID workgroup, and then we  
talk? ;-)

I really don't understand why it is not if you are serious about going  
in that direction ...



On Oct 14, 2008, at 20:49 , Chris Messina wrote:

> Can I take a poll? With all this talk about email address mapping/ 
> translation -- I'm curious -- how many of you have actually read the  
> EAUT (email address to URL translation) spec?
>
> http://eaut.org/specs/1.0/
>
> It seems like much of this conversation (the productive bits) could  
> be had on the EAUT list [1], in order to move things forward and get  
> the spec in a form that could be taken into an OpenID Extension,  
> which could then pave the way for 1) establishing extension creation  
> protocol and 2) make the spec ready for wider deployment/adoption.
>
> Not that all this talk of DNS and XRI isn't compelling, but I was  
> hoping that we might get a solution in place before I turn 40.
>
> Chris
>
> P.S. I was born in 1981.
>
> [1] http://groups.google.com/group/eaut
>
> On Tue, Oct 14, 2008 at 8:32 PM, Brandon Ramirez <brandon.s.ramirez at gmail.com 
> > wrote:
> It's more than just request -> response.  It's also an intriguing  
> model for information resolution,  where the trust is centralized,  
> but then delegated out.
>
> Why shouldn't it be used for identity resolution as well?  An  
> identity (even more so from a computer's perspective) is merely a  
> small set of data with a chain of trust - just like most DNS lookups.
>
>
> On Tue, Oct 14, 2008 at 10:45 PM, Martin Atkins <mart at degeneration.co.uk 
> > wrote:
> SitG Admin wrote:
> >
> >> Putting it in DNS doesn't change the user-centricness, it just  
> changes
> >> the means of publication.
> >
> > I disagree here; to use military terminology here (as learned from
> > analyses of Trusted Computing) for a moment, your DNS server is  
> not a
> > Trusted party for your personal information! IT does not have  
> access to
> > your personal information; YOU do. If a spammer (or stalker) wants  
> to
> > learn where you live (so they have a physical address for  
> snailmail spam
> > or home invasion), they cannot simply ask the DNS server where you  
> live,
> > because the DNS server does not possess that information - they MUST
> > contact you, the user, directly, and in the process of making that
> > request they not only make you (the user) aware of it, but provoke  
> the
> > distinct possibility that you will simply refuse to tell them!
> >
> > Your reply also suggested, though, that this level of control  
> *can* be
> > present in DNS, which intrigues me :)
> >
>
> I was not suggesting that you should put your physical address or
> telephone number in DNS, just that you can publish in DNS information
> about how that information might be obtained, much as you publish on
> your web site how that information might be obtained.
>
> I'd also like to point out that HTTP URLs are themselves dependent on
> DNS. All you gain by publishing this information over HTTP rather than
> DNS is a couple more layers of indirection. I can't control my  
> identity
> page on MyOpenID any more than I can control the contents of the
> myopenid.com DNS zone.
>
> Additionally, since DNS is a request->response protocol just like  
> HTTP,
> there's no technical reason why you can't log requests and refuse to
> talk to certain clients if you wish. The domain name system is not  
> magic.
>
>
> _______________________________________________
> general mailing list
> general at openid.net
> http://openid.net/mailman/listinfo/general
>
>
> _______________________________________________
> general mailing list
> general at openid.net
> http://openid.net/mailman/listinfo/general
>
>
>
>
> -- 
> Chris Messina
> Citizen-Participant &
>  Open Technology Advocate-at-Large
> factoryjoe.com # diso-project.org
> citizenagency.com # vidoop.com
> This email is:   [ ] bloggable    [X] ask first   [ ] private
> _______________________________________________
> general mailing list
> general at openid.net
> http://openid.net/mailman/listinfo/general

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-general/attachments/20081014/c5262d01/attachment-0002.htm>

More information about the general mailing list