Comment tracking

[Mark]

Hello all,

I'm just now jumping in on this conversation, though I wish I had more
time to participate during this phase.  That said, please correct me if
I've overlooked some previously discussed issue(s).  It would appear that "authentication" has been addressed, but this could easily facilitate other "authorization" mechanisms.  Once a user is properly identified, services could be provided beyond just logging/tracking comments.


Christopher Schmidt wrote:

>On Thu, May 19, 2005 at 11:39:59AM -0700, Christopher Whipple wrote:
>  
>
>>Hey all,
>>
>>Had an idea this morning for builing comment tracking features into
>>publishing platforms piggybacking on OpenID functionality.  Here's how it'd
>>work:
>>
>>I use my blog url to authenticate - the someblog.com server checks my blog
>>and pings my OpenID server.  I'm authenticated and leave my comment.  The
>>someblog.com server then checks my blog again to find a url where my blog
>>accepts incoming pings, sends a ping saying "you just left a comment here,
>>here's the comment's permalink and here's some info about the blog where you
>>left the comment".  My blogging tool then takes care of tracking/displaying
>>that information.
>>
>>Thoughts?
>>    
>>
>
>Not sure how I see that OpenID is an inherent part of this. For the most
>part, tools up until this point have assumed that the "Address" that
>most servers ask for is actually an accurate representation. Wordpress
>has the concept of "Pingback", which is similar to what you describe,
>although not for comments.
>
>Is there something specific about OpenID that makes this more
>likely/possible?
>  
>

This line of server-to-server interaction interests me very much. One of
the things that I would like to see is a means of binding a guest
(remotely authenticated) user to a session such that the identity server
and the consumer server exchange services between them.  The goal that I
had for Drupal using a similar scheme was to have XMLRPC interfaces
between the servers that would tie actions performed on the remote
server to services invoked upon the home/login server, and perhaps
vice-versa.

The only thing that would need to be facilitated by the authentication
process would be identifying available services (and perhaps starting an
encrypted dialogue).  Disregarding encryption, all this would mean is an
exchange of URLs pointing to service listings.  Comment tracking could
be one of these services.

Thus, the only extension that OpenId would need to provide is a link to
a list of services.  The format and purpose of this list would perhaps
be outside the scope of OpenId, but it would nonetheless allow willing
sites to implement their own exchanged services.  The exchanged
(session?) keys that could be for encryption would just facilitate this
conversation.

Ideas?

BTW, I'm very eager to see this implemented in the wild and will push to
get it implemented as a Drupal module as soon as practical.

Addendum: I attempted to send this earlier in the day, and it bounced (Damn dyn IP).  Any followup hasn't been read yet.

Thanks,
-Mark
mark on mogda.com
javanaut on drupal.org
poisonkitty on livejournal
phlegmgem on slashdot
Identity crisis? Moi?