This is cool stuff!
EHL
Must play around.
--------------------------------------------------
From: "Eran Hammer-Lahav" <er...@hueniverse.com>
Sent: Friday, September 18, 2009 1:20 AM
To: <webf...@googlegroups.com>
Subject: WebFinger live on Yahoo!
On Thu, Sep 17, 2009 at 5:20 PM, Eran Hammer-Lahav <er...@hueniverse.com> wrote:
>
2009/9/18 Eran Hammer-Lahav <er...@hueniverse.com>:
Nice!
If I'm not mistaken, all this information is already public, but
webfinger makes it a bit more obvious to get to it.
There was a discussion at SW Foo about privacy (I can't remember who
all was in the room, but I suspect a fair number of people on this
list ;-) ), and how do we manage expectations, etc, and the general
consensus seemed to be that showing people that their data is public
is more important that allowing them to pretend that it's private.
This might be a case where people get a bit weirded out that their
data is "now" public, even though it always was, so combining a
precautionary principle (e.g., "do this to enable data sharing") would
be good, but the HTTP cookie example suggests otherwise --- people
were really freaked out, and providing a "click here to turn it off"
button was enough, and left the web better overall (probably!).
Interestingly, the reactions Kaliya describes here are exactly those
of people whose plaintext / unencrypted passwords are being shown to
them for the first time. It's probably better that we try to do this
in a way that very strongly says "we're just showing you this because
it's always been this way, and we're helping you gain control of your
own data, before baddies take it without your knowledge", instead of
just shoving it in people's faces.
b.
If data is already publically accessible that's of course right. I
remember having had a big discussion about privacy at a web monday here
in Germany after somebody explained what XFN is and that twitter exposes
it without user notice.
So it also might depend on the region you are in. We in Germany are
probably a bit more sensible to such things and thus I would rather put
privacy controls in place than simply stating that everything is public
anyway.
There might also be some laws involved regarding privacy and german
networks have to deal with that e.g. in the context of Open Social where
the solution of studivz seems to be to let people create personas per
application (which is the data set this application receives and not
automatically the default profile).This might be a case where people get
a bit weirded out that their
> data is "now" public, even though it always was, so combining a
> precautionary principle (e.g., "do this to enable data sharing") would
> be good, but the HTTP cookie example suggests otherwise --- people
> were really freaked out, and providing a "click here to turn it off"
> button was enough, and left the web better overall (probably!).
>
> Interestingly, the reactions Kaliya describes here are exactly those
> of people whose plaintext / unencrypted passwords are being shown to
> them for the first time. It's probably better that we try to do this
> in a way that very strongly says "we're just showing you this because
> it's always been this way, and we're helping you gain control of your
> own data, before baddies take it without your knowledge", instead of
> just shoving it in people's faces.
>
Agreed.
-- Christian
I am not sure what specifically are you surprised about. All Yahoo! is exposing right now is your profile page which existed for the past 10 years at http://profiles.yahoo.com/screen_name. Were you not aware of that?
EHL
I am not sure what specifically are you surprised about. All Yahoo! is exposing right now is your profile page which existed for the past 10 years at http://profiles.yahoo.com/screen_name. Were you not aware of that?
EHL
> -----Original Message-----
> From: webf...@googlegroups.com [mailto:webf...@googlegroups.com] On
> Behalf Of Henri
> Sent: Saturday, September 26, 2009 8:57 PM
> To: WebFinger
> Subject: Re: WebFinger live on Yahoo!
>
>
Let us also not discount the intelligence of the average users. Our users have also been much smarter than we techies would like to believe.
The internet has been around since 1994, and users have been smart enough to create their own distinct "real" accounts and "party" accounts.Who told them to do it that way in the mid 90's? Nobody. They figured it out for themselves.So let us not get paranoid about this issue, and let us techies concentrate on the technicalities.
For the moment, I think these announcements are still useful (though
subject line conventions are probably a good idea). However, I
wouldn't mind seeing maybe a page on the wiki listing known client and
server implementations.
-Bob