Identity 2.0

Dick Hardt dick at sxip.com
Wed Mar 1 21:30:45 UTC 2006


On 1-Mar-06, at 1:18 PM, Johannes Ernst wrote:

>>> Sounds to me like the three of us are talking about a push  
>>> model...really the pull model comes into play if for example your  
>>> profile server returned your email address to any requestor with  
>>> no intervention on your part.
>>
>> My understanding of the promoters of "push" archetectures is that  
>> this is an important feature. I find the lack of user intervention  
>> problematic, even if the requestor identifies themselves.
>
> Now where in the world did the "lack of user intervention [in the  
> pull model]" come from?

er, read the text that I was responding to.

>
> The amount of user control in a "push" and a "pull" model -- the  
> very terms of which are problematic as has been discussed ad  
> nauseam in certain places -- is exactly the same and boils down to:
>
> "Dear user, website X wishes to obtain data element Y from you.  
> Would you like X to have Y or not?"
>
> Where the models differ is in:
> - Push: "It appears that my customer cannot be reached under the  
> telephone number any more that they gave me, voluntarily, when they  
> signed up with this service last year. What do I do now?"

the user does not want to be reached -- end of connection

Easy in pull model to store a URL for the site so that when the data  
changes, the user's software agent can ask the the user if they want  
to give it to the site.
Data only moves when it changes, and the user is involved in it being  
released all the time.

>  - Pull: "I just pulled it, so it must be the most accurate number  
> at this time." And by the way, the website doesn't need to store Y,  
> and thus is not subject to identity theft of item Y due to lost  
> backup tapes or whatever seems to be the most favorite method of  
> privacy disasters these days.

they still are storing the URI to get the data and the credentials to  
retrieve it, so little difference if they are compromised. They  
either get the data, or get how to get the data

To rise up a level, why are you being so abrasive?

-- Dick



More information about the yadis mailing list