Somebody claiming to be tyler gillies wrote:
> What do you guys think of this idea?
We have internet-wide UIDs already, operated through registries. They are
called URIs. schemes are registered, and then the scheme designer decides
how sub-parts are to be registered (such as HTTP using DNS through ICANN,
URN:ISBN using the ISBN registry, etc).
- --
Stephen Paul Weber, @singpolyma
Please see <http://singpolyma.net> for how I prefer to be contacted.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
iQIcBAEBCAAGBQJLn9v1AAoJENEcKRHOUZzeliMP/0GGZ8gu6zeho5j93j3qWMFA
o/uwNBLmn8zyPPXbHi2b0Zzta8KV+EGlUukeyHKA935vX/Bt6wI0qcABz1H9+1pG
uksBtrOF4nP5YZPJMINodoylABVVRIUB1ESQYCyWmyMEH5JXM5r4gNSBVxPS1R/X
OahHWXULzrsypbqrrrs3r3rO0jmeFBA9D219mmnkrRO5mC76g4tOCj78gxqpiPo9
ARvO5Ynyw0BST8TzxaXC+cIzCJKsFLexTQHG/Uh0xLFFMCvazYvo9EI6bMEChwR6
AGAp7TiVi+xUTtP97uQqAI6dpNMLyPcsyK6+IxdAhzkWdenCxuwWVmYrp50sQrFC
J6QDS+L383O6WMwx3HMcG3B4hXs6drNsEuBYU1aE1mUQUBkQzHladBQsJMAKMJJA
Sdjoe4c3M3vWf3Le47oIHq4EHXMJv07YlOBV+8TewK0ceAa8Yfj1gTdZAKdligg3
vrf/djorJi3SlBCesItxThp26PnntjrW8nuzIXKNz7ZcnbcfEo7Y54Cg6kl11QzU
gyDCX0mWcgtIIcpbEbwg+3g2nykeFvDVD+XBXggxtB9DveKIpJilZh8WGLWeYLrR
WCqu3psOUbg8ReHJ7HoCwmWi5dd5cnt2VZX55VoHGHtI3pxaELVpngMm0eYWO30D
Ho/idBaTEu+35ivVhsGf
=LPX5
-----END PGP SIGNATURE-----
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Somebody claiming to be tyler gillies wrote:
> What do you guys think of this idea?
We have internet-wide UIDs already, operated through registries. They are
called URIs. schemes are registered, and then the scheme designer decides
how sub-parts are to be registered (such as HTTP using DNS through ICANN,
URN:ISBN using the ISBN registry, etc).
- --
Stephen Paul Weber, @singpolyma
Please see <http://singpolyma.net> for how I prefer to be contacted.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
iQIcBAEBCAAGBQJLn9v1AAoJENEcKRHOUZzeliMP/0GGZ8gu6zeho5j93j3qWMFA
o/uwNBLmn8zyPPXbHi2b0Zzta8KV+EGlUukeyHKA935vX/Bt6wI0qcABz1H9+1pG
uksBtrOF4nP5YZPJMINodoylABVVRIUB1ESQYCyWmyMEH5JXM5r4gNSBVxPS1R/X
OahHWXULzrsypbqrrrs3r3rO0jmeFBA9D219mmnkrRO5mC76g4tOCj78gxqpiPo9
ARvO5Ynyw0BST8TzxaXC+cIzCJKsFLexTQHG/Uh0xLFFMCvazYvo9EI6bMEChwR6
AGAp7TiVi+xUTtP97uQqAI6dpNMLyPcsyK6+IxdAhzkWdenCxuwWVmYrp50sQrFC
J6QDS+L383O6WMwx3HMcG3B4hXs6drNsEuBYU1aE1mUQUBkQzHladBQsJMAKMJJA
Sdjoe4c3M3vWf3Le47oIHq4EHXMJv07YlOBV+8TewK0ceAa8Yfj1gTdZAKdligg3
vrf/djorJi3SlBCesItxThp26PnntjrW8nuzIXKNz7ZcnbcfEo7Y54Cg6kl11QzU
gyDCX0mWcgtIIcpbEbwg+3g2nykeFvDVD+XBXggxtB9DveKIpJilZh8WGLWeYLrR
WCqu3psOUbg8ReHJ7HoCwmWi5dd5cnt2VZX55VoHGHtI3pxaELVpngMm0eYWO30D
Ho/idBaTEu+35ivVhsGf
=LPX5
-----END PGP SIGNATURE-----
--
You received this message because you are subscribed to the Google Groups "Open Web Foundation Discussion" group.
To post to this group, send email to open-web...@googlegroups.com.
To unsubscribe from this group, send email to open-web-discu...@googlegroups.com.
For more options, visit this group at http://groups.google.com/group/open-web-discuss?hl=en.
--
You received this message because you are subscribed to the Google Groups "Open Web Foundation Discussion" group.
To post to this group, send email to open-web...@googlegroups.com.
To unsubscribe from this group, send email to open-web-discu...@googlegroups.com.
For more options, visit this group at http://groups.google.com/group/open-web-discuss?hl=en.
> yeah so you explained what a URI is.
>
> my plan was to get an IETF spec that was the defacto way to identify a user
> so that we can have continuity across every site
Just take any URL. Put a foaf document there. And voila!
One of mine is http://bblfish.net/#hjs
You can run rapper from redland on it
$ rapper -i rdfa http://bblfish.net/#hjs -o turtle
And find out that it refers to a person, my email address, my public key, etc, etc..
Henry
>> open-web-discu...@googlegroups.com<open-web-discuss%2Bunsu...@googlegroups.com>
> my plan was to get an IETF spec that was the defacto way to identify a
> user so that we can have continuity across every site
Jeremie Miller came up with this a while back:
http://tools.ietf.org/html/draft-miller-microid-01
But it's different across sites.
Peter
So we are back to foaf! Good concepts seem to stick around.
Doesn't foaf give you the ability to encrypt email addresses within the foaf file? I think so...
> foaf seems too verbose.
what's verbose about http://bblfish.net/#hjs ?
> why not just have a single identifier?
That's a single identifier. It a Universal Resource Identifer in fact. By definition it can only refer to 1 thing.
> only make
> things as complicated as they need to be is my thinking on this on
Indeed nothing could be simpler. The whole web is built on this, that's how simple it is.
------------------------
> That requires a lookup. im not talking about a webfinger-esque protocol.
> just a simple identifier.
> if your domain expires, your system breaks.
> with a generated hash there is no dependency on a web host
This is the simplest possible lookup. An HTTP GET. The whole web is based on that, and it's been around for 20 years or so. Sure things sometimes dissepear, as things do. But that you will have with any protocol or lookup system.
Here it is easy to link to other identifiers. So for example below you will see a number of owl:sameAs links. One identifier links to 2 other identifiers, with claims of identity. If one day one of them would go down, you could check the others too...
$ rapper -i rdfa http://bblfish.net/#hjs -o turtle
rapper: Parsing URI http://bblfish.net/#hjs with parser rdfa
rapper: Serializing with serializer turtle
@prefix rdf: <http://www.w3.org/1999/02/22-rdf-syntax-ns#> .
@prefix : <http://www.w3.org/1999/xhtml> .
@prefix cert: <http://www.w3.org/ns/auth/cert#> .
@prefix foaf: <http://xmlns.com/foaf/0.1/> .
@prefix owl: <http://www.w3.org/2002/07/owl#> .
@prefix rsa: <http://www.w3.org/ns/auth/rsa#> .
@prefix dc: <http://purl.org/dc/terms/> .
<http://bblfish.net/>
dc:conformsTo <http://www.w3.org/TR/rdfa-syntax> ;
a foaf:PersonalProfileDocument ;
<http://www.w3.org/1999/xhtml/vocab#icon> <http://bblfish.net/favicon.ico> ;
foaf:primaryTopic <http://bblfish.net/#hjs> .
<http://bblfish.net/#me>
owl:sameAs <http://webid.myxwiki.org/xwiki/bin/view/XWiki/hjs#me> ;
foaf:blog <http://bblfish.net/blog/>, <http://blogs.sun.com/bblfish/> .
<http://bblfish.net/#hjs>
owl:sameAs <http://bblfish.net/people/henry/card#me> ;
foaf:aimChatId "unbabelfish" ;
foaf:mbox <mailto:henry...@bblfish.net> ;
foaf:name "Henry Story" ;
foaf:openid <http://bblfish.net/> ;
foaf:phone <tel:+15109315491>, <tel:+33970448664> .
[]
a rsa:RSAPublicKey ;
cert:identity <http://bblfish.net/#hjs> ;
rsa:modulus """9D ☮ 79 ☮ BF ☮ E2 ☮ F4 ☮ 98 ☮ BC ☮ 79 ☮ 6D ☮ AB ☮ 73 ☮ E2 ☮ 8B ☮ 39 ☮ 4D ☮ B5
26 ✜ 68 ✜ 49 ✜ EE ✜ 71 ✜ 87 ✜ 06 ✜ 32 ✜ C9 ✜ 9F ✜ 3F ✜ 94 ✜ E5 ✜ CB ✜ 4D ✜ B5
12 ☮ 35 ☮ 13 ☮ 69 ☮ 60 ☮ 81 ☮ 58 ☮ 79 ☮ 66 ☮ F3 ☮ 79 ☮ 20 ☮ 91 ☮ 6A ☮ 3F ☮ 42
5A ✜ F6 ✜ 54 ✜ 42 ✜ 88 ✜ B2 ✜ E9 ✜ 19 ✜ 4A ✜ 79 ✜ 87 ✜ 2E ✜ 62 ✜ 44 ✜ 2D ✜ 7C
06 ☽ 78 ☽ F8 ☽ FD ☽ 52 ☽ 92 ☽ 6D ☽ CD ☽ D6 ☽ F3 ☽ 28 ☽ 6B ☽ 1F ☽ DB ☽ CB ☽ D3
F2 ☮ 08 ☮ 34 ☮ 72 ☮ A2 ☮ 12 ☮ 75 ☮ AE ☮ D1 ☮ 09 ☮ 17 ☮ D0 ☮ 88 ☮ 4C ☮ 04 ☮ 8E
04 ☾ E5 ☾ BF ☾ D1 ☾ 41 ☾ 64 ☾ D1 ☾ F7 ☾ 89 ☾ 6D ☾ 8B ☾ B2 ☾ F2 ☾ 46 ☾ C0 ☾ 56
87 ☮ 8D ☮ B8 ☮ 7C ☮ C6 ☮ FE ☮ E9 ☮ 61 ☮ 88 ☮ 08 ☮ 61 ☮ DD ☮ E3 ☮ B8 ☮ B5 ☮ 47 ♥
"""^^cert:hex ;
rsa:public_exponent "65537"^^cert:int .
Wow! Great article. Thanks for posting!
--Steve Repetti
Somebody claiming to be tyler gillies wrote:
> my plan was to get an IETF spec that was the defacto way to identify a user
> so that we can have continuity across every site
>
> you can pick an arbitrary URI, but that kinda defeats the whole purpose
If the identifier is just going to be unique and opaque, then how does
reuing existing ones defeat the purpose?
- --
Stephen Paul Weber, @singpolyma
Please see <http://singpolyma.net> for how I prefer to be contacted.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
iQIcBAEBCAAGBQJLn/2JAAoJENEcKRHOUZzeiyEQAKCeVRUP95W1QWdC73bvi6dT
wD74gLIGc1GbUaU6QFQBK566N62kmplxZ/t0p+VWKE3YmdF15xdGMGJltPwKF5/p
nRnFK5Bd7kOsLe80A8DdE4SijPl/hpTxQVU2Pa9XDsthO5t/K8BndEm+HQ03UcUx
QcbcQ4n5KKzZg/GnanKW4OluLQygOGi8QCLPYzMMNHiAvKpVOYngPg4d/VspxKWI
2vLEurVSGgkDunYTHKZ0N23Mms7ovrti2v0ycWlW/vlEMRot6S/mi6gTQRrw611u
MQ+H5tBableGjxzMuVIlwhbm4NpZTFMCUTK0uNa/t1ES6oQFeUs62cZKCWlfKATp
QrIbV8M24JJwpnol9xpXxY+vPMrrZ3wg4Tu+W6kl2VYoofnAruBSiIRtT/8lY+dR
D6Rqixe78sMKSbQ6Z0qlrNm9yIgCYKyfywxJBldj230jXCd2umx3zLlIgml2eXeM
rgIQxJVIM9fwVkdbM0ZXv1OotS15aGq43OMD6XYQ6jw9BGz3BKPIsMXWOGiMhtDn
NvIW4I6nReteC1dn64DJTPwDctqg2p8EuZz1L387Dcr3KcRWQsFug9UkEpTk1AJC
i5c+PeWkrNg/bncpewd0TX7sWA4CwarlV9Jt3WC0FTYruWXY69CPjlQ8r7xX4eEG
+o0zzzUHFk8USi4iGSAp
=1zfd
-----END PGP SIGNATURE-----
Somebody claiming to be tyler gillies wrote:
> That requires a lookup. im not talking about a webfinger-esque protocol.
> just a simple identifier.
> if your domain expires, your system breaks.
If your email address changes, a hash of it is no longer great either.
That's part of what I like about just using URIs, you can choose them to be
as stable (ISBN) or unstable (acct:/maito:) as you want.
- --
Stephen Paul Weber, @singpolyma
Please see <http://singpolyma.net> for how I prefer to be contacted.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
iQIcBAEBCAAGBQJLn/4JAAoJENEcKRHOUZzevfgP/3micnHUYtOLS2TOY2Q46BKV
Pu5yYmqin53SmzeSgeVKFXzxvHAPmYPKN40snszweqaSHhruzbNLcEKp3EP6T6fH
bKDEroyx+OFBdDG8rBigcci32ItjKw4hRaBILuTK5F51ckFxbxLKUu2wx95L4vbp
bkYZs01t6eZYctiIHGMKL1puzZIEzgkexK6I3feA1PL6zeHCOqY7TcU0+yJbCWkW
ORmzcjmBz5DD79YjnMUsxAQQGpUtFpVopvKwGa17UJW9tdSS615bGxPMEQA+wRlQ
muXeRyZDJpVJrlAjSp+8liWmPoEsSDpDAfQqCgrZQ104WF4j0GlaI87etu9i9toW
/I03GtV5Z6p7PioRlkZHA5QJejdNj4J7Y4qzsRPf9S33XNaTKbLsqsLQGrwTNpFH
+HnbdA1VZTtO+IPUNmDFbuITOFcXrQS1ZcfHCClD7e/HuSIVIpHmiSbXXj5enbgp
pOm0roMp68olvXlEVS63uE82/ER4TxOX3PMxeH4M4GEc9dDE3wP87NvvFEZhsQ2G
XirtgQ/+DAtFRPPahhod6iJCziWvhD4KrSTUCFULFeGpY5BxCsLGx7iv1rWqxI01
/SC5GECGRCJ9XerZaHSpPXZGefI1ph/Z9qI/0AJezMryif8JjH1ddZOvclakLrIl
IJWhtS9j8C8wrUv0Kx1H
=ZmZv
-----END PGP SIGNATURE-----
-----END PGP SIGNATURE-----
--
You received this message because you are subscribed to the Google
Groups "Open Web Foundation Discussion" group.
To post to this group, send email to open-web...@googlegroups.com
For more options, visit this group at
If there's not an issue of security (some nations would use this type
of identifier against their people)
So let's presume an opt in, this is me identifier that gets put into
an HTML header. How do we idntify ourselves outside of the net?
Usually by other people we trust (trusted ID sites), and state and
federal IDs (license and Social security numbers). Companies often ask
our mother's maiden name, physical address, etc.
So to know that me or you wrote a page we could potentially use
several authentication methods.
Trust, ID, other information (I like pointing to other URLs that point
back)
interesting question, the founding fathers had it easy. They'd just
sign paper, sometimes under pseudonyms..
What is the exact issue you are trying to solve?
1. Use cases?
2. How that would be implemented?
3. Barriers to adoption?
--
Karl Dubost
Montréal, QC, Canada
http://www.la-grange.net/karl/