On 5 August 2013 14:50, Michael Rogers <[email protected]> wrote:
> -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > On 05/08/13 13:23, Melvin Carvalho wrote: > >> 9) Multiple identity - you should be able to maintain multiple > >> identities > > > > I was hoping to propose 2 aspects on this: > > > > 9.1 _Privacy > > > > _ It should be possible to log in to socialnet 3.0 without > > compromising a user's privacy. For example, if I have a gmail > > address, there should be an option to log in without informing > > google. > > > > 9.2 _Identity Freedom > > > > _ No style of identity should be forbidden by design. If a > > project says 'we only will accept GPG keys' or 'we only will accept > > email' or 'we only will accept http profiles' or 'we only will > > accept xmpp' or 'we only take psyc URIs' -- then you are going to > > get balkanization. You have to be prepared to allow freedom rather > > than to censor. It's appreciated that not everything can be > > programmed at first, but at least major ecosystems should be aimed > > to be supported. > > > > > > Is there anyone that cannot live with these two goals? > > Hi Melvin, > > There are situations where the two goals would contradict each other - > for example, logging into a system with a Facebook account is > incompatible with maintaining one's privacy. > If you examine the goals carefully, I think you will find that they need not contradict each other. I've just said it should be *possible* to login without compromising privacy. e.g. if I have use gmail for email, I should be able to log in without letting google know, or having to change my email account. This is complementary to having a free (as in freedom) identity style. There's two extremes of thinking in identity. "one identifier to rule them all' -- this hasnt worked and has divided efforts. The other is "allow everything". Neither are ideal, we need more of a polyglot approach, where we have a roadmap of things that are supported (each with a privacy profile) and try and grow them with libraries and patches. Consider as an example that github allows login via username/password, oauth, ssh, or the git protocol. If we agree in principle we should offer at least some privacy as an option, and allow some freedom in identity, we can can make a short list of projects to hack on, and build out the technical libraries to make it work... > > Perhaps we should combine goal 9.2 (identity freedom) with goal 10 > (protocol agnostic) to create a new goal 10: interoperability? As I've > already written on the wiki, I think it's premature to specify that > particular protocols (or client platforms, or login methods) should be > supported. Those are implementation details. We should focus at this > stage on goals that are relevant to users rather than implementers. > > On the wiki I've marked several other places where I think we're > focussing prematurely on implementation details. > > Cheers, > Michael > > -----BEGIN PGP SIGNATURE----- > Version: GnuPG v1.4.10 (GNU/Linux) > > iQEcBAEBAgAGBQJR/5+cAAoJEBEET9GfxSfMKG4H/0e8ida9veCllb8JOMIqyFRr > iYvLeom9nw3j8pkQdraIyz2cqvt36SPgfCVSD4yQ5IedIeFqtKZ1FCj53A0Ih0n9 > AJr7JOmeIpEloNqJi9LWrg2avjcnlFuPHGKgkLToxPQtMfHya5wFRtCS7BHdPnI6 > JjOrBKg8Oh/ddpI/rZSQqGg/I5x6ssjZp6KJQhE9AwvL0bdL6ucBV6X94NsNZyyf > 76JtTbH8iqKA/G36J9PcJGBjKkkSva3JuHZuarAVlmj9zUkCrf3bedkGAa+87Sdr > zQptmeKGeHCft1uGt2ViM0hIgBzfXROiCLDTO0gL7/bgJs0e+U2Q7/CKLhQW2vs= > =1J4G > -----END PGP SIGNATURE----- >
