LID again
2005-01-19 19:57:31.383833+00 by
Dan Lyke
16 comments
So speaking of trusted users, I just talked with Johannes Ernst of NetMesh about a few applications of LID. I'm not yet sure how this is going to be a part of the next big thing, but I think it is.
So, if you're a geeky person, you might want to take a moment to set up a LID page for yourself. I've got a bunch of code written to make your Flutterby user info page a LID URL, but based on the conversation we just had I think I need to do the other side of that sooner, and make Flutterby able to log in LID users.
Meuon, we need to talk. Probably voice, not just email, but I'll send you a note in a bit.
[ related topics:
Interactive Drama Archival
]
comments in ascending chronological order (reverse):
#Comment Re: [Entry #7621] LID again made: 2005-01-19 21:31:04.619986+00 by:
Unknown, from NNTP
If you've got an idea on how I can implement this without commandline
access to the server my website is running on I'd implement it.
#Comment Re: made: 2005-01-19 21:38:49.764876+00 by:
Dan Lyke
I'll work on it for ya. I think I'm understanding things now, and you'll probably need a "run once" throw-away CGi script.
By the way, Larry, is your email in your NNTP client different from the Flutterby user one, and can we fix that so that your user name shows up appropriately? I'm going to have to expand the notion of users anyway to handle the LID stuff, maybe I should just fix NNTP then.
#Comment Re: [Entry #7621] Re: made: 2005-01-19 22:01:04.319777+00 by:
Unknown, from NNTP
I can probably figure a way around it using CRON but that isn't
completely optimum for feedback from the process.
Oh and the email is probably different. I think I changed that a while
back when the spam got too heavy on the account this NNTP client is using.
#Comment Re: made: 2005-01-19 22:26:27.578505+00 by:
Dan Lyke
You could sync them in the user info page, and we'd see a real name (rather than "Unknonw, from NNTP") on the comments.
#Comment Re: [Entry #7621] Re: made: 2005-01-19 22:46:04.707843+00 by:
Unknown, from NNTP
Dan Lyke wrote:
> From the weblog entry at
> http://www.flutterby.com/archives/comments/7621.html
>
> You could sync them in the user info page, and we'd see a real name
> (rather than "Unknonw, from NNTP") on the comments.
>
But where's the fun in that? ;)
Actually, I just checked there and they are the same. l a r r y
@dallasbay.net is in both places.
#Comment Re: made: 2005-01-19 23:05:08.857905+00 by:
Dan Lyke
Hmmm... Okay, I'll see if I can figure that out.
#Comment Re: made: 2005-01-20 01:11:14.057919+00 by:
meuon
Larry, what you really need is LIDentity.com..
#Comment Re: made: 2005-01-20 16:10:37.127598+00 by:
Shawn
I looked over the LID white paper after your original post. It certainly piques my geek interest, and I'll definately be setting up a LID page, but I'm not convinced it can make it into the next-big-thing category.
I've got to run off to work now, but I'll try to get back to expound on that opinion later today.
#Comment Re: made: 2005-01-20 16:14:23.39023+00 by:
Shawn
Larry, according to the installation instructions, aside from software that needs to be installed everything can be done on a computer you control and then uploaded to the server.
#Comment Re: made: 2005-01-20 17:07:24.545143+00 by:
Dan Lyke
Shawn, I'm going to try to write up something more on this (talking about how the original microcomputer revolution decentralized computing, the web re-centralized it, and the next technology boom will involve decentralization again), but what is convincing me isn't just that it's a single sign-on solution, it's that it's also a protocol for retrieving FOAF, vCard and similar personal metadata, and associating all of those things with a single URL.
- In conjunction with Apple Rendezvous and a little glue code, when
everyone sits down at a conference and opens up their computers it
can become an exchange of business cards. With appropriate HTTP 3xx,
redirects, it can even become a tool for "This person who just contacted
me learned about me at conference Z". Or it can just be the token exchanged
from cell phone to PDA over IR, ZigBee or Bluetooth.
- As a sign-on system for weblogs it can become an immediate tool for
networks of trust. For instance: you sign on with LID, the system
sees that you have me in your FOAF, recognizes me, via my LID URL
checks my FOAF, sees that you exist in mine under some category
other than "seen this guy once", and decides that links in your
comments and posts don't need a
rel="nofollow"
tag.
- As a mechanism for keeping contact information updated, it can be a way
for me to subscribe to dead-trees publications: Every month the magazine
scans my LID for my vCard data, if that changes they change where
they mail my magazine.
- As a sign-on for commercial sites, it can be a tracking mechanism. Say
I run an online publication that charges users for access. I have a
billing mechanism in place. I get syndication rights to another such
publication. We can share that authentication to pass a user over to the
second sight transparently.
And the list goes on.
#Comment Re: made: 2005-01-20 20:08:07.578406+00 by:
Shawn
Your list is good, and I can definately see LID as hot new technology to support that. As you note, the potential applications are numerous and exciting.
It's the commercial/e-commerce SSO aspect that I don't see getting off the ground in any substantial way. As a consumer, I love the features and control over my own identity/information that LID provides. But businesses (in this country, at least) have made it clear that they want expect demand that control. I just don't see commercial entities adopting a system that forces them to give up their strangle-hold on the consumer. And if businesses don't support it then it's not going to be useful to have one - for e-commerce, at least.
As I said, however, I am still planning to set one up. And actually, LID is turning out to be the gateway technology that is potentially getting me interested in vCard and FOAF.
On a more technical note, I was a bit taken aback that the GPG signing is done without a passphrase. I understand the logistical reasons why it needs to be this way, but that still represents a potential security hole. I guess I'm not so much bothered by the blank passphrase itself as I am by the apparently cavalier attitude about it. There is no mention of the fact (at least not in the installation docs) that generally this practice is a bad idea, but that there's really no good (simple?) way around it in an automated process.
#Comment Re: made: 2005-01-20 20:50:56.756012+00 by:
Dan Lyke
I think that the subversive aspects of this technology are good enough that eventually the bigger players will have to adopt it. You probably don't remember HTML versus RIP, but I remember one of the RIP developers telling me that they were going to beat HTML because they allowed control over layout issues better, and their customers (the major newspapers) wanted that control. A few years later PDF came along and got the small portion of the market that the RIP folks thought was everything, but only after the users had spoken that they really wanted a repurposable format for most of the market. We see the same thing in RSS today: It's ascending largely because users want content without layout.
Similarly, I think that decentralized authorization will gain critical mass. Meuon's got an application that both commercial parties will want. Six Apart and Blogger are going to have to implement something to keep up with the community features of LiveJournal, it'll have to be something decentralized because they don't own enough of the market to dictate it, and LID could be the start of that.
But no, it's not going to come down that eBay or Amazon implement it soon; if this succeeds it will be as a bottom-up technology.
#Comment Re: made: 2005-01-21 07:41:05.64542+00 by:
Shawn
[edit history]
I don't see [the SSO aspect] making it even from the bottom up in commercial markets. You're right, I've heard the term RIP(wasn't that a BBS architecture?), but I don't remember any specific competition with HTML.
As for RSS and blogs, I don't think that's an appropriate comparison. By and large, blogs are not commercial enterprises. I can see LID making it big in the blogging - and related - circles, but I'd bet even money that it'll never take hold in commercial markets. 'Course it could be that I'm just cynical.
#Comment Re: made: 2005-01-21 12:41:38.805569+00 by:
meuon
[edit history]
Shawn, Done right, the way lid does it's SSO (Single Sign On) can be implemented without the user having anything to do with it. Dan's hot over the social networking, I have SSO applications that this would be useful for.
IE: You go to etrade.com, login as your normal self. You are given a LID cookie,
and while playing at Etrade, you click on an article that links to internal/private content at the Wall Street Journal. Normally, you would have to subscribe to the WSJ.. But Etrade has an agreement to pay/access WSJ. Etrade passes your Etrade LID url (say: lid.etrade.com/shawn/) to WSJ and WSJ authenticates you as both a valid etrade user, whom logged in 3 minutes ago, and as a person who should be therefore granted access to the WSJ article. - Sure, there are 69 other ways to do this, but using LID is a good way, and could possibly be a 'standard' way to do this across sites. And you do not even had to know about your LID url in this context, it's something Etrade just made work.
I'm just playing right now.. http://www.downloadalife.com/meuon and soon,
http://meuon.lidentity.com -
#Comment Re: made: 2005-01-21 15:44:26.789366+00 by:
Shawn
Okay, I can see that. I hadn't considered the B2B possibilities.
#Comment Re: made: 2005-01-25 03:04:07.939583+00 by:
meuon
Reasons for a personal ident check..
http://www.theregister.com/2005/01/24/ebay_pesa/
"One of our main gripes is the ease at which someone can join eBay using false details. At the moment anyone can complete the online registration forms and put in any made up address they desire." This, he fears, leads to "auction wrecking" and other disruptive behaviour which goes to undermine consumer and etailer confidence."
Just adding for future refernce..