Just catching the tail end of this, but we're fully planning to run deanster, I've got the server space planned, and I'm looking to hire for someone to administer. So all we're doing is making sure its designed in a way we can manage. There's a lot of projects we're going to build on this, and it runs off our main database (we'll be sending out email asking folks to register additional info to fill out deanster profile). This is one that we're completely committed to -- and it would be silly to set up rival deansters off site!
Z Zephyr Teachout Internet Organizing & Outreach Dean for America [EMAIL PROTECTED] Meetup at http://www.deanforamerica.com/meetup Get local at http://action.deanforamerica.com Contribute at http://www.deanforamerica.com/contribute -----Original Message----- From: Joshua Koenig [mailto:[EMAIL PROTECTED] Sent: Monday, July 28, 2003 12:26 PM To: zachary rosen Cc: [EMAIL PROTECTED]; Zephyr Teachout; Jon Lebkowsky; Ka-Ping Yee Subject: Re: [hackers] Privacy control for profiles >>> We talked about this with Zephyr, and the deal is - if DFA run >>> Deanster >>> then it cannot handle Authentication for the Nodes or they would have >>> to >>> be vetted by DFA (ie official) so I don't think this is possible. >> >> What about the opposite direction? Can unofficial nodes act as >> single-signons for Deanster? All this implies is that Deanster will >> trust an external source for identity validation, a necessary >> component >> of any distributed identity framework. To put it another way, how is >> this different from Deanster accepting MS Passport validation? > > I don't see any problem with the opposite direction. THere shouldnt be > any bad implications of Deanster using trusted node logins that I can > think of. The issue with nodes using Deanster logins is that - if the > nodes authentication is "controlled" by "official" DFA services, then > the > nodes must become official / vetted as well. This make sense? It does make some sense. I think it's a little over-cautious (e.g. MS doesn't have to "endorse" every site that wants to use Passport) but it's not that big a deal. Having it work by allowing local Nodes to be trusted sources for identity is probably better anyway. More of a foundation for distributed architecture. cheers -josh
