Webfinger acct from Sandro Hawke on 2014-05-17 (public-webid@w3.org from May 2014)

From: Sandro Hawke <sandro@w3.org>
Date: Sat, 17 May 2014 19:42:35 -0400
To: Melvin Carvalho <melvincarvalho@gmail.com>
CC: public-webid <public-webid@w3.org>
Message-ID: <fcae59e5-fb4c-4369-b85b-7a163af6d2f9@email.android.com>

On May 17, 2014 5:36:56 PM EDT, Melvin Carvalho <melvincarvalho@gmail.com> wrote:
>On 17 May 2014 19:36, Sandro Hawke <sandro@w3.org> wrote:
>
>>  On 05/17/2014 12:28 PM, Melvin Carvalho wrote:
>>
>>
>> Note: also that webfinger tried to open this can of works and ended
>up
>> minting a acct: URI scheme ... seems like fragmentation is
>undesirable ...
>>
>>
>>
>> Can you summarize the story there, or point to a summary?   I missed
>that.
>>
>
>The idea of webfinger was to get an HTTP URL from an email address that
>gave machine readable information, such as, name, avatar, blog etc.
>
>So it originally looked something like this
>
>/.well-known/webfinger?subject=user@host
>
>But then there was confusion ... was user@host the subject or the
>object.
>It was decided that user@host (ie mailto:) was the object.  Which left
>the
>awkward question, what's the subject?  To tackle this the idea was that
>users have "accounts" at websites.  So a new URI scheme was minted
>acct:user@host, which would be the subject of the query.
>
>So now you go to
>
>/.well-known/webfinger?subject=acct:user@host
>
>But now we have fragmentation of the the common user@host pattern.  Is
>it
>mailto: ? is it acct: ? is it xmpp: is it sip: ? etc.  When do I use it
>as
>a primary key or foreign key at web scale?
>
>Of course here you could have just used mailto: as an indirect
>identifier
>or as a reverse lookup on the object.  But that's not how the spec
>went, so
>things got complicated.
>

Interesting...

I'm think the utility of webfinger is rather reduced in a world where the mapping between email addresses and identity-provider accounts is one-to-many, instead of one-to-one as used to be imagined.

For example, Alice might have two Google accounts, alice@gmail.com and alice@w3.org.     And meanwhile she might have two more accounts at ExampleCorp, using the same two email addresses.   

So when I grant access to one of her accounts using alice@gmail.com, I need to also say whether I'm granting it to the Google or ExampleCorp account associated with that email.

It's kind of a mess.

In practice I think the options are

1.  I send Alice a secret capability URL, which she'll attach to the account or accounts of her choice.

2.  I'll find Alice and some of her accounts through mutual third parties that I trust.  In that case knowing her email address isn't all that useful.

    - Sandro

>A clean architecture is helpful in building things that scale.  Do you
>have
>a specific pain point that we could think about addressing?
>
>
>>
>>        -- Sandro
>>
>>
>>
>>>        -- Sandro
>>>
>>> [1] http://en.wikipedia.org/wiki/Role-based_access_control
>>>
>>>
>>
>>

Received on Saturday, 17 May 2014 23:42:45 UTC