Re: [Auth]delurking with opinions

[Albert Scherbinsky]

"Kurt L. Sussman" wrote:
> 
> I've been following along for a while now, and I see some great ideas
> here. I'm looking forward to writing a little code (or maybe test plans
> and tools?), but as a user, I have some issues with what's being
> proposed.

Thanks, i'm sure there is more than enough fun to go around.
:)

> First, I don't want to be tied to any browser. I use Mozilla, Konqueror,
> and Netscape on my main desktop and notebook, and Netscape and IE on my
> test systems. I also use wget and lynx where they're appropriate. I
> don't want to be tied to one computer or one browser. Yes, I spend money
> at web sites through the closest computer. And I believe that nerds like
> me will be the early adopters of any open authentication service.

My choice of Netscape as the first prototype implementation
was not meant to limit anybody. If you want to do
implementations on IE, Konqueror or Lynx go ahead, there is
nothing anyone will do to stop you. :)

> Second, I think the kiosk question has to be considered from the
> beginning. I don't often travel without my notebook, but if I'm going to
> go to Paris for a week or two this fall, my wife will probably make sure
> I forget to take it. I'll still need to make sure my servers are up, and
> if a disk fails I'll need to order replacement parts ASAP. This is not a
> hypothetical example; this has happened more than once. That was Hawaii,
> not Paris. #:)

The current SingleLogin/SIML/PIBXML spec can work with
Kiosks as follows:
The clever folks at www.webSLAP.com (web SingleLogin
Application Service) decide to design an implementation
architecture that works by entirely hosting the Single Login
application as a web service. So you, from a kiosk with
nothing more than HTML/HTTPS support, are able to login to
your account on www.webSLAP.com and see a list of all the
webservices you have accounts on. With a single click on any
service on the list you are logged into that account(Think,
web server/proxy server gateway, ahah they say). Presto,
done. In addition, the clever folks at webSLAP have various
client software that will let you access your PIB data from
their server with your favourite browser. Now, if as you say
you happen to have a machine up all the time, then there is
nothing stopping you from running your own equivalent
software to webSLAP's.

We have to start somewhere. A mozilla plugin is a good place
to start.

> Third (and last, for now), I want to restrict the information based on
> the site it's going to. I don't want to give buy.com my real email, I'll
> give them on at spamgourmet.com. But I don't mind if my bank or
> brokerage has the real address, and there's no point trying to block
> things like SSN, driver's license number, home phone, etc. from the
> bank because they already have all that. Buy.com can have one credit
> card number (and I want to pick which one each time), but not all of
> them. I'm sure you understand what I mean here. Implementation will be
> difficult, I know.

All this is possible within the current spec since it wisely
leaves these details to implementors. Perhaps you want to
implement some access control code for the PIB? :)
 
> I hope this is useful. I want to see this project acheive the goal of
> being better than Passport. I personally don't think browser plugins and
> unrestricted information are the best way to reach that goal.

We are not advocating unrestricted access, or promoting one
implementation architecture over another. We are not
specifying either of these things as part of the standard.
We leave these details to implementors to allow for the best
ideas to rise to the surface. Each user can decide what they
want from the available implementations.

Thanks for your input,
-- 
Albert Scherbinsky
Drop by at: http://members.home.net/alberts/

Convenient control of our personal information:
Single Login:
http://members.home.net/alberts/single.htm
Simple Interface Markup Language:
http://members.home.net/alberts/siml.htm
Personal Information Base XML
http://members.home.net/alberts/PIB.htm