Dick, Joaquin, Drummond and all,<br>
<br>
My interest and contribution is less on the technical aspects and more
on the metasystem or human/fundamental rights aspects(*). <br>
<br>
So since (*), read below...(*), specifies that every person can
regulate his virtual personality, my question is if it is possible for
a metasystem to have both...?, and for every person to choose
when using them...?.<br>
<br>
Thank you for your time!. :-)<br>
<br>
=============================<br>
(*) Proposed Virtual Personality fundamental/human right<br>
<span style="font-size: 12pt;" lang="en-US">"Every
person has the <span id="st" name="st" class="st">right</span> to have or not to have a <span id="st" name="st" class="st">virtual</span> <span id="st" name="st" class="st">personality</span>,
where its presence, content and projection is regulated by each one of
them. <br>
</span>
<p><span style="font-size: 12pt;" lang="en-US">It can not be used for discriminatory ends harming its bearer. <br>
</span></p>
<p><span style="font-size: 12pt;" lang="en-US">The
State will guarantee that the information included in the <span id="st" name="st" class="st">virtual</span>
<span id="st" name="st" class="st">personality</span> have the adequate juridical and technical security; with
the exclusion of third parties not authorized that pretend to obtain
it. <br>
</span></p>
<span style="font-size: 12pt;" lang="en-US">The
State could use the content of the <span id="st" name="st" class="st">virtual</span> <span id="st" name="st" class="st">personality</span> of the person,
previous authorization of the person, and always just if it is in the
benefit and advantage of the person."</span><br>=======================<br>
<br><div><span class="gmail_quote">On 3/2/06, <b class="gmail_sendername">Dick Hardt</b> <<a href="mailto:dick@sxip.com">dick@sxip.com</a>> wrote:</span><blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">
<div style="direction: ltr;"><div>Joaquin</div><div><br></div><div>Here is my clarification between Push and Pull:</div><div><br></div><div>Pull:</div><div><span style="white-space: pre;"> </span>- The user provides the Relying Party with a *user unique* Repository locator. (URL or XRI)
</div><div><span style="white-space: pre;"> </span>- The Relying Party queries a Repository to get user data.</div><div><span style="white-space: pre;"> </span>- The user may or may not be involved in the transaction.</div>
<div><br></div><div>I consider OpenID, LID and XRI Pull architectures</div><div><br></div><div><br></div><div>Push:</div><div><span style="white-space: pre;"> </span>- The Relying party advertises what data it wants.</div>
<div><span style="white-space: pre;"> </span>- The user "Pushes" the data to the Relying Party</div><div><span style="white-space: pre;"> </span>- The repository does not need to be accessible to the Relying Party. This allows the data to reside on the user's machine.
</div><div><span style="white-space: pre;"> </span></div><div>I consider Shiboleth, SXIP and WS-* Push architectures</div><div><br></div><div>....</div><div><br></div><div>With
SXIP, which is a Push architecture, we have a need for protocol
discovery, which lead to my interest in Yadis. Unlike the Pull
technologies where the identifier is for the user, the identifier was
for the user agent so that the Relying Party would know what the user
agent was capable of. This is only needed for zero desktop footprint
implementations. Rich Clients would be able to
negotiate capabilities with the Relying Party.</div><div><br></div><div>The
original Yadis mandate was for identity protocol discovery. I was very
interested in leveraging existing work, if it did not impose excessive
overhead. The current direction of Yadis seems to be exclusively for
support of the Pull technologies. </div><div><br></div><div>Feel free to ask for any clarifications.</div></div><div style="direction: ltr;"><span class="sg"><div><br></div><div>-- Dick</div></span></div><div style="direction: ltr;">
<span class="e" id="q_109bdae5b0b90e63_2"><div><br></div><div><br></div><div><div><div>On 2-Mar-06, at 4:38 PM, Joaquin Miller wrote:</div><br><blockquote type="cite"> <font size="3">This might be right (someone who uses the terms might could explain them)
<br><br> and it is certainly clear, which is very useful. <br><br> <blockquote type="cite" cite="http://">Okay, let me see if I have this Push/Pull distinction straight. Please correct me if I'm wrong.<br><br>
"Pull" protocols are those that put some data out there to be
accessible via a URL. The data does not change based on who
requests the information. Yadis is such a protocol, since when an
Relying Party goes to fetch the data, there is no specified way to
change the data based on who is requesting it.<br><br> "Push" protocols
are those that allow the user to modify the data based on who is
requesting it. OpenID is such a protocol: the data is transmitted
by redirecting the user between the Relying Party and the Identity
Provider, and the user can choose to have the Identity Provider send
his or her authentication information or to cancel the transaction.<br><br> Is that right, or is there something I'm missing?</blockquote><br>
If this is what 'push' and 'pull' mean, then your examples are
certainly right: According to your distinction Yadis is pull and
OpenID and LID are push. LID, of course, differs from OpenID; you
describe OpenID in your example of push.<br><br> Cordially, Joaquin</font> </blockquote></div><br></div>
</span></div></blockquote></div><br><br clear="all"><br>-- <br>Jaco Aizenman L.<br>My iname is =jaco (<a href="http://xri.net/=jaco">http://xri.net/=jaco</a>)<br>Virtual Rights Institute - Founder <a href="http://www.virtualrights.org">
www.virtualrights.org</a><br>XDI Board member - <a href="http://www.xdi.org">www.xdi.org</a> <br>Tel/Voicemail: 506-3887222 <br>Costa Rica<br><br>What is an i-name?<br><a href="http://en.wikipedia.org/wiki/I-name">http://en.wikipedia.org/wiki/I-name
</a>