On 29/11/2007, Daniel Feygin <[EMAIL PROTECTED]> wrote: > My only point here is that we need to distinguish between user ID, > which the container provides with its own guarantees of uniqueness, > and identity attributes published by users themselves. The latter > really should not be used for identity purposes.
Hmm, somewhere along the line the user will have to supply *something* for the container to be able to user if identity is to be shared. I do take your point that without care, there's a lot of opportunity for spoofing, but think we need also to be careful that we don't disenfranchise the user in the process. For example, right now there's a bidirectional chain of authority from my email address through WHOIS through to the profile published on my home page. Ideally it would be possible for me to delegate to that chain, it's probably stronger than anything likely to be available to containers in the near future. > Completely agree that we need a standard vocabulary and syntax for a > lot of these identity attributes/claims. A bunch of those already > exist, btw, so it would potentially benefit OpenSocial to reuse the > already defined vocabularies and syntax (e.g., SAML, OpenID). The relevant terms are already available in FOAF, and there's a well-defined model (RDF) for distributed extension of the vocabulary. Syntax mapping from narrower domain systems to RDF is usually straightforward. I'd suggest this points to it being a pretty good choice for a shared language. A big practical advantage of this approach is that individual systems could choose whichever existing language(s) suited them (SAML, OpenID...) yet could still interoperate through 'well-known' mappings. Cheers, Danny. -- http://dannyayers.com --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Implementing OpenSocial Containers" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/opensocial-container?hl=en -~----------~----~----~----~------~----~------~--~---
