Webfinger and other forms of global account ids

5 views
Skip to first unread message

Pelle Braendgaard

unread,
Sep 26, 2009, 4:06:52 PM9/26/09
to agile-banking
Paypal introduced the concept of the email as an account identifier.
It is simple an elegant and can be matched with disparate systems.
OpenID has the potentially do the same, all though it has caused all
kinds of confusion with non sophisticated users.

I don't think OpenTransact should standardize on a specific account
identifier, only that it should be in someway transformable to a url,
but in many applications it's truly useful to have a kind of global
account ID that can be used across a bunch of different banks, payment
providers etc.

There has been a lot of talk in the recent month or two about
webfinger, which may be the solution I'm looking for:

http://hueniverse.com/webfinger/

It introduces a new URI scheme acct: which is used to identify an
account or person. It is designed to look like an email address, which
in fact it may be.

acct:pe...@stakeventures.com

But it could also be used for internal account schemes. eg. Skype:

acct:berserk...@skype.com

bank accounts:

acct:1234...@somebank.com

There is a simple http protocol defined for converting this into
useful data such as openid server, hcard profile, avatar etc.

Of course as it is a URI there is nothing stopping you from
interchanging with mailto: and http: based account uri's as well.

Thoughts?

P

--
http://agree2.com - Reach Agreement!
http://extraeagle.com - Solutions for the electronic Extra Legal world
http://stakeventures.com - Bootstrapping blog

David Nicol

unread,
Oct 13, 2009, 1:09:06 PM10/13/09
to agile-...@googlegroups.com
On Sat, Sep 26, 2009 at 3:06 PM, Pelle Braendgaard
<pe...@stakeventures.com> wrote:
>
> Paypal introduced the concept of the email as an account identifier.

tipjar did it first, but never mind that

> There has been a lot of talk in the recent month or two about
> webfinger, which may be the solution I'm looking for:
>
> http://hueniverse.com/webfinger/
>
> It introduces a new URI scheme acct: which is used to identify an
> account or person. It is designed to look like an email address, which
> in fact it may be.
>
>  acct:pe...@stakeventures.com
>
> But it could also be used for internal account schemes. eg. Skype:
>
>  acct:berserk...@skype.com
>
> bank accounts:
>
>  acct:1234...@somebank.com
>
> There is a simple http protocol defined for converting this into
> useful data such as openid server, hcard profile, avatar etc.
>
> Of course as it is a URI there is nothing stopping you from
> interchanging with mailto: and http: based account uri's as well.
>
> Thoughts?
>
> P

acct: seems like a perfectly good prefix for this purpose, but begs
the question of why have a prefix at all?

Pelle Braendgaard

unread,
Oct 16, 2009, 10:07:53 AM10/16/09
to agile-...@googlegroups.com
I keep forgetting about tipjar. Duely noted.

I think the main reason the acct is there is for it to fit into a url
scheme and also to signify that it isn't necessarily an email account.

I don't think users necessarily have to enter that acct: when they are
asked for an email address, just like they don't need to enter mailto:
now.

I do think it would be very useful for wideledger and opentransact.

P

David Nicol

unread,
Oct 19, 2009, 9:41:18 AM10/19/09
to agile-...@googlegroups.com
On Fri, Oct 16, 2009 at 9:07 AM, Pelle Braendgaard <pel...@gmail.com> wrote:
>
> I keep forgetting about tipjar. Duely noted.

But PayPal certainly executed the idea well. At the first Yet Another
Perl Conference, I did present tipjar as "A centralized database that
uses your e-mail address as a primary key."

> I think the main reason the acct is there is for it to fit into a url
> scheme and also to signify that it isn't necessarily an email account.

What exactly is the resource that is to be identified with an acct:
uniform resource identifier?

I think some kind of sigil to indicate "this is being used as an
identity string" without context makes sense and "acct:" is as good as
anything else. I believe the topic regularly comes up and gets shot
down on the openID development mailing lists, usually in the context
of proposing to integrate other identity schemes into the openID
standard. The problem is, acct: looks like an URL prefix, when in
fact it is operating at a slightly different layer. Something like
<identitystring>http://openid.tipjar.com/pelle</identitystring> might
make more sense more places, and confuse URL parsers less -- a
standardized XML element for identities.

No, I don't have an openID service set up at that name yet.

> I don't think users necessarily have to enter that acct: when they are
> asked for an email address, just like they don't need to enter mailto:
> now.

And there are URL schemes for the other things that aren't web
addresses, for instance tel: for voice. When there hasn't been a
formal URL prefix declared yet but clearly there could be, for
instance twitter: an acct: prefix might serve sort of like the X-
prefix for non-standard SMTP headers.


> I do think it would be very useful for wideledger and opentransact.
>
> P

>>> There has been a lot of talk in the recent month or two about
>>> webfinger, which may be the solution I'm looking for:
>>>
>>> http://hueniverse.com/webfinger/
>>>

>>> But it could also be used for internal account schemes. eg. Skype:
>>>
>>>  acct:berserk...@skype.com

I think that would more properly be
acct:tel:berserk...@skype.com
to distinguish it from
acct:mailto:berserk...@skype.com

so the prefix turns whatever follows it into an identity string,
without confusing an URL parser. This link is not to be followed to
place a voice call, this link indicates the identity associated with
whatever is to the right of the :.


>>> bank accounts:
>>>
>>>  acct:1234...@somebank.com

is there a scheme in use already for making URLs out of ACH routing? I
imagine (without researching) that something like

ach:<account number>@<routing number>

might be in use already somewhere. Possibly generalized to other
financial transferring mechanisms operating at the same level as the
Automated Clearing House. On the other hand, the big B2B electronic
data interchange mechanisms predate standardized URI schemes and break
things like "payment advice" down into a whole series of message types
each implementing one of a robust set of generally understood
communications.

IN CONCLUSION, TWO POINTS:
1:
I don't think "webfinger" is going to catch on, as I don't think the
problem it is trying to solve exists. Currently people who want to
have their on-line status available have a variety of methods for
making it so, specifically allowing status indicators and logging in
to gmail/ymessgner/facebook/Jabber/MSN/IRC et cetera. Webfinger wants
to be a central hub for this? No central hub is needed, as a modern
instant message client such as pidgin can connect to all the services
and show you the statuses.

2:
I prefer "id:" to "acct:" for a URI prefix to uniformly identify an
"identity" associated with an "identity string."

--
Player Piano by Kurt Vonnegut is a good little novel about a worker's
revolution foiled by deployment of soda pop.

HeresTomWithTheWeather

unread,
Oct 20, 2009, 10:58:15 PM10/20/09
to agile-banking
the nice thing about webfinger is that what follows the acct: scheme
is not limited to an email address. however, for the vast majority of
people, it seems email address will be the default choice. it seems
there is a profound difference between how paypal uses an email
address as an identifier and how webfinger uses one. paypal uses the
email address without any coordination with the authority (hotmail,
yahoo, gmail, etc.) with webfinger, the authority is now a gatekeeper
for information about the account. this is desirable for yahoo,
google and microsoft.

cheers,
tom

otak...@gmail.com

unread,
Nov 5, 2009, 8:56:03 PM11/5/09
to agile-...@googlegroups.com


looks interesting

http://www.safaricom.co.ke/index.php?id=745

I found out about it from this unlikely source

http://developer.ebay.com/community/blog/

(the blog called - 'Banking the Unbanked')




Pelle Braendgaard

unread,
Nov 5, 2009, 9:08:58 PM11/5/09
to agile-...@googlegroups.com
It is one of the most interesting and successful systems out there.
It's also not surprising that something like this came from outside
the banking community.

I understand that Kenyan regulators have been very flexible as well,
which also makes a change.

P
> --
>
> You received this message because you are subscribed to the Google Groups "agile-banking" group.
> To post to this group, send email to agile-...@googlegroups.com.
> For more options, visit this group at http://groups.google.com/group/agile-banking?hl=en.
Reply all
Reply to author
Forward
0 new messages