LJ munging OpenID comments?

Doug Bell doug at hawkaloogie.com
Tue Sep 20 15:10:07 PDT 2005 

Zefiro wrote:

>>On 9/19/05, Kurt Raschke <kurt at raschke.net> wrote:
>>OpenID users really are basically the same as anonymous users.
>>    
>>
>We discussed this already and it is NOT.
>
>Please DO see the difference between 'not anonymous' and 'not spam'.
>
>It's completely ok if LJ chooses to handle other identification methods differetly than their own users (who are bound to their
>terms, they have some date, captcha, etc). But it is not ok to keep insisting that OpenID users are anonymous users. Repeating
>the sentence about trust doesn't change anything, as this OpenID != anonymous does say nothing about trust, and the spec
>explicitely stating that it says nothing about trust does not confirm in any way that OpenID is anonymous. After all, this is
>the whole (and only) point in OpenID.
>  
>
The "OpenID <= Anonymous" is a matter of who's providing the OpenID. The 
fact remains that anyone with a web server could offer any spammer an 
OpenID or twenty.

Think of an OpenID more like an e-mail address. Some people have e-mail 
addresses from free providers, and some sites won't accept those e-mails 
to register with because of a lack of trust. Other people have e-mail 
addresses from their school or ISP, which offer more in terms of trust.

Developers: As a consumer, could you trust certain providers more than 
other providers? In other words, could you take the last delegate and 
keep a record of whether or not to trust OpenIDs from that delegate? 
Perhaps include a special record for those who seem to manage only their 
own OpenID from their own server ( if ($provider_url =~ /$openID/) { 
return lookup_trust("private_id"); } else { return 
lookup_trust($provider_url) } ).

Additionally, it'd be great to see a web of OpenID providers that allow 
new users on invite-only, with some type of point system to manage how 
many invites a user can give out (like http://cacert.org does for SSL 
certificates. http://wiki.cacert.org/wiki/FAQ_2fAssuranceIntroduction ). 
(Like a kind of online notary public).

More information about the yadis mailing list