RE: [hackers] Privacy control for profiles
Yes, and authenticating users to log onto nodes would constitute "vetting / hosting" correct? -Zack On Mon, 28 Jul 2003, Zephyr Teachout wrote: > Not quite! DFA is planning on running Deanster. We're just not vetting > nodes or hosting them. No reason we can't link to them, map them, and > push them (much like we do w/dean directory). We're just not > controlling, directing, or hosting them. > > Z > > Zephyr Teachout > Internet Organizing & Outreach > Dean for America > [EMAIL PROTECTED] > > Meetup at http://www.deanforamerica.com/meetup > Get local at http://action.deanforamerica.com > Contribute at http://www.deanforamerica.com/contribute > > > -Original Message- > From: zachary rosen [mailto:[EMAIL PROTECTED] > Sent: Monday, July 28, 2003 12:07 PM > To: Joshua Koenig > Cc: Ka-Ping Yee; Jon Lebkowsky; Zephyr Teachout; [EMAIL PROTECTED] > Subject: Re: [hackers] Privacy control for profiles > > > On Mon, 28 Jul 2003, Joshua Koenig wrote > > Deanster could also act as a (Jabber/Drupal) single-sign-on point for > > any Drupal Dean Nodes a Deanster also frequents. > > We talked about this with Zephyr, and the deal is - if DFA run Deanster > then it cannot handle Authentication for the Nodes or they would have to > be vetted by DFA (ie official) so I don't think this is possible. > > -Zack >
RE: [hackers] Privacy control for profiles
Great. I'm working on fields, which are primarily driven by fields here -- Plus. The other plus is info about the nodes they are involved in. Z Zephyr Teachout Internet Organizing & Outreach Dean for America [EMAIL PROTECTED] Meetup at http://www.deanforamerica.com/meetup Get local at http://action.deanforamerica.com Contribute at http://www.deanforamerica.com/contribute -Original Message- From: Joshua Koenig [mailto:[EMAIL PROTECTED] Sent: Monday, July 28, 2003 11:40 AM To: Ka-Ping Yee Cc: Jon Lebkowsky; Zephyr Teachout; [EMAIL PROTECTED] Subject: Re: [hackers] Privacy control for profiles > I agree. Giving members privacy control over their profile information > encourages them to share more information and add more value to the > database. (It's also respectful and polite.) Preaching to the Choir here. ;) > I've been working on an enhanced profile module -- please use it or > build > off of it if it can help you. Currently, it has the following features > in addition to the standard profile module: We should coordinate on this. Part of my vision is having matching fields between an extended Drupal profile and Deanster. That way when people register for a Drupal Node they can check a box to simultaneously create a Deanster profile. This works both ways: when registering for a Drupal Node, the enhanced registration will ask, "are you a Deanster" and if so it will create a useful default profile from your data there. Deanster could also act as a (Jabber/Drupal) single-sign-on point for any Drupal Dean Nodes a Deanster also frequents. > I'll post a link to this module on the TalentDatabase page. Please > let me know what you think of it. Excellent. I'll review it further. cheers -josh
RE: [hackers] Privacy control for profiles
Not quite! DFA is planning on running Deanster. We're just not vetting nodes or hosting them. No reason we can't link to them, map them, and push them (much like we do w/dean directory). We're just not controlling, directing, or hosting them. Z Zephyr Teachout Internet Organizing & Outreach Dean for America [EMAIL PROTECTED] Meetup at http://www.deanforamerica.com/meetup Get local at http://action.deanforamerica.com Contribute at http://www.deanforamerica.com/contribute -Original Message- From: zachary rosen [mailto:[EMAIL PROTECTED] Sent: Monday, July 28, 2003 12:07 PM To: Joshua Koenig Cc: Ka-Ping Yee; Jon Lebkowsky; Zephyr Teachout; [EMAIL PROTECTED] Subject: Re: [hackers] Privacy control for profiles On Mon, 28 Jul 2003, Joshua Koenig wrote > Deanster could also act as a (Jabber/Drupal) single-sign-on point for > any Drupal Dean Nodes a Deanster also frequents. We talked about this with Zephyr, and the deal is - if DFA run Deanster then it cannot handle Authentication for the Nodes or they would have to be vetted by DFA (ie official) so I don't think this is possible. -Zack
Re: [hackers] Privacy control for profiles
We talked about this with Zephyr, and the deal is - if DFA run Deanster then it cannot handle Authentication for the Nodes or they would have to be vetted by DFA (ie official) so I don't think this is possible. What about the opposite direction? Can unofficial nodes act as single-signons for Deanster? All this implies is that Deanster will trust an external source for identity validation, a necessary component of any distributed identity framework. To put it another way, how is this different from Deanster accepting MS Passport validation? I don't see any problem with the opposite direction. THere shouldnt be any bad implications of Deanster using trusted node logins that I can think of. The issue with nodes using Deanster logins is that - if the nodes authentication is "controlled" by "official" DFA services, then the nodes must become official / vetted as well. This make sense? It does make some sense. I think it's a little over-cautious (e.g. MS doesn't have to "endorse" every site that wants to use Passport) but it's not that big a deal. Having it work by allowing local Nodes to be trusted sources for identity is probably better anyway. More of a foundation for distributed architecture. cheers -josh
Re: [hackers] Privacy control for profiles
On Mon, 28 Jul 2003, Joshua Koenig wrote: > >>> We talked about this with Zephyr, and the deal is - if DFA run > >>> Deanster > >>> then it cannot handle Authentication for the Nodes or they would have > >>> to > >>> be vetted by DFA (ie official) so I don't think this is possible. > >> > >> What about the opposite direction? Can unofficial nodes act as > >> single-signons for Deanster? All this implies is that Deanster will > >> trust an external source for identity validation, a necessary > >> component > >> of any distributed identity framework. To put it another way, how is > >> this different from Deanster accepting MS Passport validation? > > > > I don't see any problem with the opposite direction. THere shouldnt be > > any bad implications of Deanster using trusted node logins that I can > > think of. The issue with nodes using Deanster logins is that - if the > > nodes authentication is "controlled" by "official" DFA services, then > > the > > nodes must become official / vetted as well. This make sense? > > It does make some sense. I think it's a little over-cautious (e.g. MS > doesn't have to "endorse" every site that wants to use Passport) but > it's not that big a deal. Having it work by allowing local Nodes to be > trusted sources for identity is probably better anyway. More of a > foundation for distributed architecture. Agreed on all counts ;) -Zack > cheers > -josh >
Re: [hackers] Privacy control for profiles
On Mon, 28 Jul 2003, Joshua Koenig wrote: > >> Deanster could also act as a (Jabber/Drupal) single-sign-on point for > >> any Drupal Dean Nodes a Deanster also frequents. > > > > We talked about this with Zephyr, and the deal is - if DFA run Deanster > > then it cannot handle Authentication for the Nodes or they would have > > to > > be vetted by DFA (ie official) so I don't think this is possible. > > What about the opposite direction? Can unofficial nodes act as > single-signons for Deanster? All this implies is that Deanster will > trust an external source for identity validation, a necessary component > of any distributed identity framework. To put it another way, how is > this different from Deanster accepting MS Passport validation? > > Not that I'm recommending this, but you get the point. I don't see any problem with the opposite direction. THere shouldnt be any bad implications of Deanster using trusted node logins that I can think of. The issue with nodes using Deanster logins is that - if the nodes authentication is "controlled" by "official" DFA services, then the nodes must become official / vetted as well. This make sense? -Zack > cheers > -josh >
Re: [hackers] Privacy control for profiles
Deanster could also act as a (Jabber/Drupal) single-sign-on point for any Drupal Dean Nodes a Deanster also frequents. We talked about this with Zephyr, and the deal is - if DFA run Deanster then it cannot handle Authentication for the Nodes or they would have to be vetted by DFA (ie official) so I don't think this is possible. What about the opposite direction? Can unofficial nodes act as single-signons for Deanster? All this implies is that Deanster will trust an external source for identity validation, a necessary component of any distributed identity framework. To put it another way, how is this different from Deanster accepting MS Passport validation? Not that I'm recommending this, but you get the point. cheers -josh
Re: [hackers] Privacy control for profiles
On Mon, 28 Jul 2003, Joshua Koenig wrote > Deanster could also act as a (Jabber/Drupal) single-sign-on point for > any Drupal Dean Nodes a Deanster also frequents. We talked about this with Zephyr, and the deal is - if DFA run Deanster then it cannot handle Authentication for the Nodes or they would have to be vetted by DFA (ie official) so I don't think this is possible. -Zack
Re: [hackers] Privacy control for profiles
I agree. Giving members privacy control over their profile information encourages them to share more information and add more value to the database. (It's also respectful and polite.) Preaching to the Choir here. ;) I've been working on an enhanced profile module -- please use it or build off of it if it can help you. Currently, it has the following features in addition to the standard profile module: We should coordinate on this. Part of my vision is having matching fields between an extended Drupal profile and Deanster. That way when people register for a Drupal Node they can check a box to simultaneously create a Deanster profile. This works both ways: when registering for a Drupal Node, the enhanced registration will ask, "are you a Deanster" and if so it will create a useful default profile from your data there. Deanster could also act as a (Jabber/Drupal) single-sign-on point for any Drupal Dean Nodes a Deanster also frequents. I'll post a link to this module on the TalentDatabase page. Please let me know what you think of it. Excellent. I'll review it further. cheers -josh