Comments on: A tincture of trust

By: informationdiet.org » Blog Archive » Sun and OpenID

informationdiet.org » Blog Archive » Sun and OpenID — Sun, 29 Jul 2007 21:19:25 +0000

[…] rules to volunteer someone for a session. But next week at IIW, it will be interesting to hear from Eve , Pat, Hubert or anyone else and understand Sun’s logic behind the decision. Is it […]

By: Phil Windley's Technometria

Phil Windley's Technometria — Mon, 14 May 2007 22:39:09 +0000

IIW2007 Has Begun: Day One Activities

After months of preparation, IIW2007 has begun. Whew! I always feel a big relief when the “train leaves the station” as Mike Jones said. During the introductory presentation Eugene Kim asked how many people were here for the first…

By: Sun Supporting OpenID | iface thoughts

Sun Supporting OpenID | iface thoughts — Wed, 09 May 2007 08:56:02 +0000

[…] services who want to identify Sun employees can completely rely on that. Eve Maler writes down her thoughts about […]

By: orcmid

orcmid — Wed, 09 May 2007 04:09:03 +0000

This is interesting.

I suppose this leads us naturally to whether one wants to use the same OpenId for our different private and public personae.

This strikes me as subject to individual preference and highly-dependent on circumstances. Employers might also caution against use of “in-enterprise” OpenIds for non-business-related purposes. (Edge case: on-line banking at the Credit Union for Sun Employees, if there is one.)

Meanwhile, I notice that I have an e-mail that is a reasonably-successful identifier for me (except when falsified as a sender in spam), and I have a number of IDs that use a *different* common feature that happens to be fairly reliable as an identifier for me as well: xri.net/=orcmid, mylid.net/orcmid, orcmid.myopenid.com, orcmid@msn.com (in continuous use since 1995), and so on.

These are not claims of course, just (weak) identifiers, and they do convey something in appropriate contexts, including pgp.mit.edu:11371/pks/lookup?search=orcmid

Although my self-issued CardSpace Information Card has a different identifer for each Relying Party that it is offered to (if I understand that correctly), the e-mail address that is claimed is the same in all cases and is interpretable as an identifier for me by those who choose to test it in that manner.

The nuances around this sound like worthy social-event conversation at IIW 2007a next week, it being literally in Sun’s backyard and all.

By: Dmitry Shechtman

Dmitry Shechtman — Tue, 08 May 2007 23:16:36 +0000

There’s nothing wrong with Sun’s approach. In fact, that’s exactly what I proposed for a corporate e-journals environment some 5 months ago:

It would be best to establish a corporate OpenID server,
which would automatically provide identities for all employees. As they
already have usernames/passwords, this would be a straightforward process.

By: Eve M.

Eve M. — Tue, 08 May 2007 22:07:10 +0000

Hi Simon– Thanks very much for the comments. I don’t think I made the claim that Sun was the first to do this, though others may have done so. Your examples are somewhat similar to the “email interpretation” activity I mentioned above — people know to expect certain things from certain domains.

I’m glad you gave the link for that post of yours, which was very influential in my own thinking (but which I’d lost track of in the meantime!). The scenarios you mention there are important among the ones we’re trying to explore.

By: Simon Willison

Simon Willison — Tue, 08 May 2007 21:15:40 +0000

I disagree about Sun’s OpenIDs being the first to convey some kind of meaning. An OpenID from LiveJournal OpenID conveys a bunch of meanings: “I have a LiveJournal at URL X”, “An RSS feed of my LiveJournal is available at URL Y”, “A FOAF file detailing my LiveJournal friends is available at URL Z”. Likewise, an AOL OpenID incorporates “You can send me instant messages at this AIM address”.

I’m very much in favour of building intelligent applications around the edges of OpenID, and taking advantage of as much information around an OpenID provider as possible. I wrote more about this concept here: http://simonwillison.net/2007/Feb/25/six/