Re: Final Report Editing

On Oct 8, 2010, at 6:10 PM, Melvin Carvalho wrote:

> On 8 October 2010 18:48, Mischa Tuffield  
> <mischa.tuffield@garlik.com> wrote:
>> Hi All,
>> I have made a bunch of language fixes to the wiki (which there are  
>> quite a
>> lot of to be frank), which I am not going to elaborate upon here,  
>> find below
>> a list of concerns/comments I have which I feel should be addresses  
>> before
>> the final report freezes:
>> I have also inject a bunch of comments into the wiki search for :
>> (@@QUESTION
>> 1. Webfinger is mentioned in parts of the document, but doesn't get
>> described in full in section: Identity Standards, and probably  
>> should get
>> its own section. Currently there is a bit of text in the OpenID  
>> section, I
>> think it should get its own subheading.
>> 2. Para 3 of the "State of the Social Web", states that OpenID came  
>> out of
>> the IIW workshops, is this the truth ?
>
> OpenID was originally a FOAF based protocol, called Yadis by bradfitz
> at livejournal.
>
> http://community.livejournal.com/lj_dev/683939.html
>
> Soon after the IIW community became more involved with steering which
> lead the the Foundation we have today.

IIW #1 had presentations from a variety of user-centric identity  
approches on Day 1
https://www.socialtext.net/iiw2005/index.cgi?day_one

and then on Day 2 used open space to collaborate:

These were the ideas before hand.
https://www.socialtext.net/iiw2005/index.cgi?day_two

These were the sessions called
https://www.socialtext.net/iiw2005/index.cgi?day_two_matrix



It was on this day that there was an a conversation conversation  
between LID Lightweight Identity (developed by Johannes Earnst) and  
OpenIDv1 (developed by Brad).
There was also i-names XRI in the conversation.

Here is JOhannes' post about the outcome of the conversation
http://netmesh.info/jernst/digital_identity/movement-in-the-personal-digital-identity-market-announcing-yadis

December meeting
http://netmesh.info/jernst/digital_identity/the-yadis-meeting-yesterday

December posts on Yadis
http://netmesh.info/jernst/digital_identity/the-worlds-first-yadis-urls
http://netmesh.info/jernst/digital_identity/more-comments-on-yadis-progress

Febuary POsts on Yadis
http://netmesh.info/jernst/digital_identity/joaquin-asks-me-to-expand-on-how-yadisopenidlid-can-help-reputation


They had a meeting in January

The announcement of Yadis 1.0 at PC Forum in 2006 - http://www.identitywoman.net/yadis-10-is-annouced
http://netmesh.info/jernst/digital_identity/announcing-yadis-10


Photo:
http://www.flickr.com/photos/chrisheuer/57583696/


LID and OpenIDv1 were both using URL's as the identifier but had  
different ways of doing authentication. They understood that users  
should not have to know what kind of URL identifier they had.  That it  
should work regardless so they decided that a common discovery  
protocol was needed.  They looked at XRDS that was part of XRI and  
decided to use something that already existed.

Their was an agreement coming out of IIW #! to keep meeting and figure  
out how to do this discovery and for a moment it was called YADIS -  
(yet another digital identity discovery protocol)  See the website (http://yadis.org/wiki/Main_Page 
) then their was an agreement that this was a LAME brand name and  
decided that OpenID was the best of the bunch and OpenIDv2 was born.

By then sxip (Dick Hardt's protocol) was in the conversation and  
features of it were included in OpenIDv2.

Here is a post I have written about this history and I have included  
Johannes Earnst on this thread how was a driver of this consolidation  
process (he was the brains behind LID)

http://netmesh.info/jernst/digital_identity/the-identity-landscape-of-2006


XRDS became XRD-Simple then XRD.  (http://en.wikipedia.org/wiki/XRDS)

I wrote some about the origins in this post too.
http://www.identitywoman.net/on-openid-progress-part-of-a-bigger-challenge-of-identity-on-the-web

I have also added Phil Windley that I co-produce IIW with to the thread.



>
>> 3. In section "Problems: Usernames and Passwords are insecure",  
>> there is
>> mention of the problem that "most names are taken", I don't  
>> understand this,
>> surely there are more Strings available to be used than there are  
>> URIs ?!?
>> 4. In the identity standards section, there is mention of OAuth, I  
>> am not
>> sure OAuth is an identity standard, if anything OpenID connect is  
>> trying to
>> merge OAuth and OpenID. In my books OAuth is a standard method of  
>> providing
>> access to private resources on the web, and has very little to do  
>> with
>> Identity!

OAuth and OpenID are different things.

OAuth connects two services both under the control of the same user  
and gives them the ability to link them and pass data without giving  
away the password of one to the other.

>> 5. Infocard section. In the 2nd paragraph, there is mention of how  
>> InfoCards
>> are "relatively secure", I don't understand this statement.
>> 6. In the "Profiles" section, "Problem: Can't describe yourself",  
>> there is
>> mention of a figure, either this section should be deleted or the  
>> figure
>> should be found. I think the important parts of this section could be
>> stripped out and but in the "Accessibility" section of the final  
>> report.
>> Sorry, this took so long, I wasn't expecting this to take me this  
>> long,
>> there was quite a lot of editing which needed doing :)
>> Mischa
>> ___________________________________
>> Mischa Tuffield PhD
>> Email: mischa.tuffield@garlik.com
>> Homepage - http://mmt.me.uk/
>> Garlik Limited, 1-3 Halford Road, Richmond, TW10 6AW
>> +44(0)845 652 2824  http://www.garlik.com/
>> Registered in England and Wales 535 7233 VAT # 849 0517 11
>> Registered office: Thames House, Portsmouth Road, Esher, Surrey,  
>> KT10 9AD

-Kaliya
>>
>>
>

Received on Friday, 8 October 2010 21:09:12 UTC