Identity 2.0
David Recordon
david at sixapart.com
Wed Mar 1 20:15:44 UTC 2006
> The model you describe below is what I would call a "pull" model,
> where Amazon is pulling the data from your identifier. I'm a proponent
> of the "push" model, where the user sees what Amazon is asking for,
> and can select which information to release.
In that example I'm not sure the terms are mutually exclusive. Just as in the push model the user can be prompted with the requested information and be required to authorize it, the same can happen in the pull model. Amazon requests my information from LiveJournal, LJ tells me what they want and asks me to authorize it. To the user, how is this different than what you describe as the push model?
Sounds to me like the three of us are talking about a push model...really the pull model comes into play if for example your profile server returned your email address to any requestor with no intervention on your part.
--David
________________________________
From: yadis-bounces at lists.danga.com [mailto:yadis-bounces at lists.danga.com] On Behalf Of Dick Hardt
Sent: Wednesday, March 01, 2006 9:04 AM
To: Petra Sütterlin
Cc: YADIS List
Subject: Re: Identity 2.0
Hi Petra
There are a few different models on how your email address and postal address can be provided to Amazon. One of the concepts behind Identity 2.0 is enabling the user to easily provide identity data.
The model you describe below is what I would call a "pull" model, where Amazon is pulling the data from your identifier. I'm a proponent of the "push" model, where the user sees what Amazon is asking for, and can select which information to release.
-- Dick
On 1-Mar-06, at 8:53 AM, Petra Sütterlin wrote:
Dick,
did I understand the following right?:
I have an e-mail account and a post-adress on my own website. They are for example marked with tags (similar to the tags in the html-header in which I write the servername (i.e.: <link rel="openid.server" href="http://bob.com/openid-server.app">)). Because of that the amazon-server searches this one and asks me to release the informations from there.
And YADIS offers the possibility, that I'm not anymore dependent to a special ID 2.0-modell and I have the free choice.
It does it like that, because it knows that openID marks the e-mail-adress with a name-tag, while TypeKey or Sxip uses "e-mail-adress" for it.
Am I right?
And thanks! Mike Neuenschwander already send me his report.
Petra
Hi Petra
Identity 1.0 is a domain-centric model.
If ebay and amazon were using an ID2.0 model, then they may still require your email and post address, but rather then having to type them in, you would be prompted to release them.
The Burton group has a report on user centric identity. Mike Neuenschwander is the author. It is not a public document, but you can ask Mike (cc'ed) about it.
-- Dick
On 28-Feb-06, at 1:25 PM, Petra Sütterlin wrote:
Hello to everybody,
Many thanks for the immediate answer and the links. I'm surprised how good the subject already has been presentated. I did not expect it like this.
What I am still looking for is more general information about ID2.0 because I will probably have to answer the following questions:
-What is the difference between ID 1.0 and ID 2.0 ?
-If e-bay and amazon also applied the ID 2.0 system, will I still have to submit my e-mail and postadress? And in this case I just don't have to fill in password and Username?
Maybe the answers are already hidden in the links, but I did not find them, yet.
Best regards and happy greetings from germany
Petra Sütterlin
Philognosie
My-Lands
More information about the yadis
mailing list