Identity 2.0

Johannes Ernst at
Wed Mar 1 21:18:42 UTC 2006

>> Sounds to me like the three of us are talking about a push  
>> model...really the pull model comes into play if for example your  
>> profile server returned your email address to any requestor with  
>> no intervention on your part.
> My understanding of the promoters of "push" archetectures is that  
> this is an important feature. I find the lack of user intervention  
> problematic, even if the requestor identifies themselves.

Now where in the world did the "lack of user intervention [in the  
pull model]" come from?

The amount of user control in a "push" and a "pull" model -- the very  
terms of which are problematic as has been discussed ad nauseam in  
certain places -- is exactly the same and boils down to:

"Dear user, website X wishes to obtain data element Y from you. Would  
you like X to have Y or not?"

Where the models differ is in:
- Push: "It appears that my customer cannot be reached under the  
telephone number any more that they gave me, voluntarily, when they  
signed up with this service last year. What do I do now?"
  - Pull: "I just pulled it, so it must be the most accurate number  
at this time." And by the way, the website doesn't need to store Y,  
and thus is not subject to identity theft of item Y due to lost  
backup tapes or whatever seems to be the most favorite method of  
privacy disasters these days.

Johannes Ernst
NetMesh Inc.

-------------- next part --------------
A non-text attachment was scrubbed...
Name: lid.gif
Type: image/gif
Size: 973 bytes
Desc: not available
Url :
-------------- next part --------------

More information about the yadis mailing list