W3C home > Mailing lists > Public > public-xg-webid@w3.org > January 2012

Re: your gut feeling on validation-centric governance

From: Melvin Carvalho <melvincarvalho@gmail.com>
Date: Tue, 3 Jan 2012 21:17:21 +0100
Message-ID: <CAKaEYhKutmvWU_BOMB-iQN31ShpScounoksnHYD0gO4xnHgQzQ@mail.gmail.com>
To: Peter Williams <home_pw@msn.com>
Cc: "public-xg-webid@w3.org" <public-xg-webid@w3.org>
On 3 January 2012 21:00, Peter Williams <home_pw@msn.com> wrote:
>
>
> The site you demonstated popped up an IDP selecter. One element was a webid icon. Notably, the openid icon was not there.
>
>
>
> Give me your gut feeling on the undering issue (hinted at in my last sentence, above).
>
>
>
> 1. in the openid world, the trade groups WANTS IDP-COMMUNITY CONTROL over such UI, at the relying party. ANd, they are formualting standards to that effect. These tie up discovery-control with UI guidelines, that are somewhat "controlling". They enable hub/spoke trust modelling, openid style, typical of US serice bureau mega-business models.
>
>
>
> 2. the mozilla world wants javascript to control discovery, with centralized contorl over the locations where the trusted javascript can be obtained ( so controlling discovery, indirectly).
>
>
>
> 3. in the windows azure world, Ive already shown how one can have a cloud provider deliver such a selector, and indeed gateway openid to non-openid native websso management domains. This cuts out folks doing 1 - as there is an intermediary in the way.It competes with 2, as its an alternative bit of javascript/json, for making popup UIs. Nothin in the azure model forces one to use the discovery data in said realm manager however (its just a helpful first coding, that you can dump if you wish).
>
>
>
> 4. there is the world of windows 8 and visual studio 11, it comes with high-profile wizards that build websso powered webapp sites, with realm selectors pointing at google, facebook etc (and openid generally). These selectors are based in local code, for programer to amend.
>
>
>
> These are the four cases. And, each reflects a philosophy of how websso gets delivered (to RP sites). Some want more control than others, with the coders paradise as the final resort.
>
>
>
> Which if these issues were important to you, when making that app? Was there an agenda, in your experience? (For others DO have agendas in controllign RP, at the discovery stage). Big bucks is deemed to be associated with controlling the consumer's VIEW of IDP-land, via the realm selector.
>
>
>

Dont really have a strong view on this one.

As a developer I want two things

1. People to login
2. To know some information about that user

I added WebID support because I want to leverage linked data.

I added facebook support because I have a lot of friends there

I added gmail because that's what I use

And I added yahoo for a few 100 million more users

The list could change over time.  OAuth 2 gives me 100s of millions of
users, the con is that via a trusted third party, my app or the user
can be turned off at any time.  The advantage of WebID is total data
freedom.

At this point the methods I think worth supporting are:

WebID -- Linked data power / data freedom
Facebook -- linked data via open graph / 500 million useres
GMail -- Support for the emmerging Google plus platform

This could change over time, but support for WebID should hopefully be
a constant ...

>
>
>
>
>
>
>
>
>
Received on Tuesday, 3 January 2012 20:17:48 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Tuesday, 3 January 2012 20:17:48 GMT