Re: ParticipantId

[James Purser]

On Wed, Mar 23, 2011 at 9:35 PM, Daniel Danilatos danila...@google.comwrote:

 Currently, ParticipantId contains an email address. This is not a
 stable long term identifier for a user, and can cause problems. For
 example, let's say Bob Smith b...@example.com leaves the
 organisation, and then someone else Bob Jones takes over the same
 address b...@example.com. Jones could then potentially gain access to
 Smith's waves.


The problem is that any identifier needs to be human readable. The
blah@blahapproach that has been borrowed from email actually works
quite well. In
terms of dealing with naming collisions, people have been dealing with it
for many years now in email, IM and other fields. For instance in your
example above, if there was an existing b...@example.com for Bob Jones and
Bob Smith comes along, Mr Smith would simply be given bob.sm...@example.com
or some other variation on the name.

Generally I think we should leave this bit up to the admins who, being used
to sorting this out will no doubt already have naming conventions for their
users (Generally 2, one they use publically and one they use privately).

-- 
James Purser
Collaborynth
http://collaborynth.com.au
Mob: +61 406 576 553
Wave: ja...@collaborynth.com.au

Re: ParticipantId

[Yuri Z]

I am not sure this should be priority. There are still a few nasty bugs
lurking out there in the code. I suggest - let's focus on spotting and
solving bugs. Address changing and aliases can wait imho.

2011/3/24 Daniel Danilatos danila...@google.com

 The issue is that in practice, names *do* in fact get recycled by
 not-so-careful admins. On rare occasions it may even be the right
 thing to do - it's up to the administrators to make a judgement call.

 There is a difference regarding what we've been dealing with for
 years. If I delete an email account and recreate the same email
 address, the new user doesn't have access to the old user's emails.
 But waves are shared objects, they're not stored in a user's account,
 and they may not even be stored on the same server due to federation.
 So by taking over the address, I now might have access to the previous
 user's personal correspondences.

 Adding an opaque id doesn't solve the general confusion that might
 happen if a new person takes over an address, but it does solve the
 more serious issue of giving access to someone else's data.

 As an aside, this might also allow us to implement a relatively
 painless way for a user to change their address, or to implement
 aliases.

 Dan

 Στις 24 Μαρτίου 2011 9:59 π.μ., ο χρήστης James Purser
 jamesrpur...@gmail.com έγραψε:
  On Wed, Mar 23, 2011 at 9:35 PM, Daniel Danilatos danila...@google.com
 wrote:
 
  Currently, ParticipantId contains an email address. This is not a
  stable long term identifier for a user, and can cause problems. For
  example, let's say Bob Smith b...@example.com leaves the
  organisation, and then someone else Bob Jones takes over the same
  address b...@example.com. Jones could then potentially gain access to
  Smith's waves.
 
 
  The problem is that any identifier needs to be human readable. The
  blah@blahapproach that has been borrowed from email actually works
  quite well. In
  terms of dealing with naming collisions, people have been dealing with it
  for many years now in email, IM and other fields. For instance in your
  example above, if there was an existing b...@example.com for Bob Jones
 and
  Bob Smith comes along, Mr Smith would simply be given 
 bob.sm...@example.com
  or some other variation on the name.
 
  Generally I think we should leave this bit up to the admins who, being
 used
  to sorting this out will no doubt already have naming conventions for
 their
  users (Generally 2, one they use publically and one they use privately).
 
  --
  James Purser
  Collaborynth
  http://collaborynth.com.au
  Mob: +61 406 576 553
  Wave: ja...@collaborynth.com.au