identity as a URL instead of an email? hrmmmm

S. Alexander Jacobson alex at alexjacobson.com
Sun Mar 26 18:20:03 UTC 2006


> Kaliya * wrote:
>> I am not sure if it has been posted on this list yet but at etech I met Alex
>> Jacobs who developed http://www.pass.net/
>>
>> "We already use email addresses to identify users and we already use mail
>> domains to authenticate them (via confirmation emails). We should use that
>> infrastructure so users only ever log in on their mail domain server and
>> sites can use those logins to authenticate those users when they
>> visit."......

Thanks you Kaliya for the intro.  Pass.net was actually inspired by 
OpenId.  One of my programmers recommended it to me for a project we 
were working on.  I really liked it, but couldn't figure out how to 
use it for the project on which I was working.  I posted my suggestion 
for using email addresses rather than URLs and for other 
simplifications on this mailing list in january in a thread titled 
"Simplifying OpenId".  I got some really useful feedback.  Pass.net is 
partially the result of that feedback.  Here is a brief summary of the 
differences between it and openid.

1. Change of user identity to an email address

2. Change of the link tag lookup to a DNS lookup

3. Simplifications of the server to server protocol that take
    advantage of above.

4. Adding the possibility of data/profile exchange.

5. Supporting a default email authenticator service concept if the
    user's domain doesn't support the protocol.

On Sun, 26 Mar 2006, Martin Atkins wrote:
> It also requires that the user be able to manipulate DNS for his domain
> in order to use his vanity domain as an email address. Most people who
> have vanity email domains are just using some kind of cute forwarding
> service to get mail to a real mailbox, so they can't possibly make DNS
> changes under that domain.

Huh?  All that is required here is creation of a subdomain.  I believe 
all the major major name registrars allow their users to do that.  Do 
you have other data?

> Also, as a side note, I've not got much respect for someone who thinks
> that it's a good idea to publish this on the web for client-side processing:
> <?xml version='1.0' encoding='UTF-8' ?>
> <?xml-stylesheet type="text/xsl" href="/s/style2.xsl" ?>
> <index/>

And, I don't have much respect for people who make ad-hominem 
arguments (see 
http://www.nizkor.org/features/fallacies/ad-hominem.html).

FYI, I serve out XML w/ stylesheet PIs to mozilla and IE because they 
can handle it.  I do XSLT server side for lynx/konqueror/safari/opera 
which can't. If you have a serious objection to this approach or an 
explanation for how it relates to this discussion, I would love to 
hear it.  If you are just blowing off steam, perhaps you might try 
going to the gym.

> ...it makes me think that this is someone who hasn't quite grasped the
> current realities of the network, which was also the first thing I
> thought when I saw this "magic DNS" approach.

Care to elucidate what "current realities" of which "network" bear on 
pass.net.  Or what is "magical" about creating a subdomain.

-Alex-


______________________________________________________________
S. Alexander Jacobson tel:917-770-6565 http://alexjacobson.com


More information about the yadis mailing list