If you mean, someone at 'BenWardSmellsAwful.com' (don't register that, please) writing an hCard and linking to ben-ward.co.uk/about with rel="self me", the relationship is such that the Fake Ben's hcard is discarded in favour of my real one. This does not allow someone to describe 'this hCard here is the authoritative version of that one over there'. The direction of parsing disallows fakes.
Yes, but what if someone registers ben-ward.net and puts up a fake card on that site. Then he goes and publishes a partial hCard on myspace and points to ben-ward.net/about with rel="self me". He's effectively hijacked your identity and/or caused confusion and there's no real way to verify who's who or who's telling the truth. It may not be such a big deal now, but if microformats are to grow and begin to be integrated into who knows what apps in the future, there may be a need to authenticate the validity of the authoritative hCard. Now I understand that it's not up to the microformat to actually do any authentication. But I think it makes a lot of sense to build a mechanism into it that allows you to include a piece of verifiable data (such as a hash or some other token) that could then be checked against an authentication service or a file in the root of your own domain (à-la Google Analytics). I don't have any immediate ideas on how best to semantically do this, but the concern popped into my head rather early on and I felt that maybe now would be the time to bring it up. Cheers, A. _______________________________________________ microformats-discuss mailing list microformats-discuss@microformats.org http://microformats.org/mailman/listinfo/microformats-discuss
