openid-brainstorming: Difference between revisions
mNo edit summary |
(added link to Tom's blog post explaining how OpenID+XFN based provisioning of custom hCard info works) |
||
Line 1: | Line 1: | ||
<h1> | <h1> OpenID + microformats Brainstorming </h1> | ||
{{TOC-right}} | {{TOC-right}} | ||
This is a public space for capturing some ideas on how [[OpenID]] and Microformats can work together. | This is a public space for capturing some ideas on how [[OpenID]] and Microformats can work together. | ||
== Relevant Microformats == | == Relevant Microformats == | ||
* [[hcard|hCard]] - for profiles | * [[hcard|hCard]] - for profiles | ||
* [[xfn|XFN]] | * [[xfn|XFN]] | ||
** rel="friend" etc. for marking up relationships between profiles | ** rel="friend" etc. for marking up relationships between profiles | ||
** rel="me" for [http://gmpg.org/xfn/and/#idconsolidation identity consolidation] among profiles | ** rel="me" for [http://gmpg.org/xfn/and/#idconsolidation identity consolidation] among profiles | ||
*** | *** Can YADIS be extended to support rel="me"? | ||
== Ideas for use == | == Ideas for use == | ||
* Identity providers could provide hCard marked up profile pages | * Identity providers could provide hCard marked up profile pages | ||
* re-use [[hcard|hCard]] (vCard) vocabulary for HTTP query based key-value pairs of information requested and returned | * re-use [[hcard|hCard]] (vCard) vocabulary for HTTP query based key-value pairs of information requested and returned | ||
== Microformats outside HTML == | == Microformats outside HTML == | ||
* JSON representations of hCard etc. | * JSON representations of hCard etc. | ||
== OpenID whitelist authentication for private | == OpenID whitelist authentication for private hCard == | ||
A possible design pattern is to use OpenID to allow a person to login to, say, a blog and find out more information. You could build the whitelist of OpenID's by parsing data out of a social network API or a list of XFN friends (following the ideas on [[social-network-portability]]). | A possible design pattern is to use OpenID to allow a person to login to, say, a blog and find out more information. You could build the whitelist of OpenID's by parsing data out of a social network API or a list of XFN friends (following the ideas on [[social-network-portability]]). | ||
[[User:TomMorris|Tom Morris]] has implemented this on [http://tommorris.org/blog his blog], and on a "family extranet". | [[User:TomMorris|Tom Morris]] has implemented this on [http://tommorris.org/blog his blog], and on a "family extranet". | ||
Tom recently explained this a bit more in his blog post [http://tommorris.org/blog/2007/11/05#pid2533635 Are you on the list? / Once again, in English]: | |||
<blockquote><p>Here's what I'm trying to do. I have an hCard on my blog - over in the sidebar. I want to make it so that the people who want to get my contact details can. I've had the fun experience of auto-dialling with Skype when microformats are present, and being able to download phone numbers onto my phone. Basically, I want to simulate electronically the situation I have when one gives their business card out to someone without having to carry bits of card around with me. The user experience should something like this:</p><p>User: "I know Tom. I want to contact him by phone or send him something by post." User goes to my blog and enters their OpenID. If user is on list, user sees extra information - my home address and phone numbers. This is all in an hCard, so they can use hCard tools like Operator to use the information in a more useful way.</p> <p>This is important, as often people want to make data available, but not to everyone. OpenID is a good way of letting people authenticate, but not as intrusive as having them sign up and have to give you their e-mail and so on.</p><p>...</p><p>Ideally, when we have a few more pieces in place, we will have it so that we can do automatic OpenID inference - if you have a WordPress blog and I list you as a friend on say, Flickr and Twitter, then you can get access to my personal details. Personal details are also just the tip of the iceberg - everyone has things which they want only some of their friends to be able to see or use. </p><p>The general overall plan is to make it so that network connections can be used as a way of providing or denying services. Some people are using this 'graph' of connections to determine whether or not you are a comment spammer.</p></blockquote> | |||
=== Counterpoints === | |||
* Will Norris on [http://willnorris.com/2007/11/hcard-is-not-a-provisioning-engine-for-private-data privacy issues in using hcard for data provisioning.] | |||
** Most of Will's questions/concerns are explained by Tom's abovementioned blog post. | |||
==See also== | ==See also== | ||
* [[hCard]] | |||
*[ | * [[XFN]] | ||
* [[social network portability]] | |||
* [[OpenID]] | |||
* [[OAuth]] |
Revision as of 01:03, 6 November 2007
OpenID + microformats Brainstorming
This is a public space for capturing some ideas on how OpenID and Microformats can work together.
Relevant Microformats
- hCard - for profiles
- XFN
- rel="friend" etc. for marking up relationships between profiles
- rel="me" for identity consolidation among profiles
- Can YADIS be extended to support rel="me"?
Ideas for use
- Identity providers could provide hCard marked up profile pages
- re-use hCard (vCard) vocabulary for HTTP query based key-value pairs of information requested and returned
Microformats outside HTML
- JSON representations of hCard etc.
OpenID whitelist authentication for private hCard
A possible design pattern is to use OpenID to allow a person to login to, say, a blog and find out more information. You could build the whitelist of OpenID's by parsing data out of a social network API or a list of XFN friends (following the ideas on social-network-portability).
Tom Morris has implemented this on his blog, and on a "family extranet".
Tom recently explained this a bit more in his blog post Are you on the list? / Once again, in English:
Here's what I'm trying to do. I have an hCard on my blog - over in the sidebar. I want to make it so that the people who want to get my contact details can. I've had the fun experience of auto-dialling with Skype when microformats are present, and being able to download phone numbers onto my phone. Basically, I want to simulate electronically the situation I have when one gives their business card out to someone without having to carry bits of card around with me. The user experience should something like this:
User: "I know Tom. I want to contact him by phone or send him something by post." User goes to my blog and enters their OpenID. If user is on list, user sees extra information - my home address and phone numbers. This is all in an hCard, so they can use hCard tools like Operator to use the information in a more useful way.
This is important, as often people want to make data available, but not to everyone. OpenID is a good way of letting people authenticate, but not as intrusive as having them sign up and have to give you their e-mail and so on.
...
Ideally, when we have a few more pieces in place, we will have it so that we can do automatic OpenID inference - if you have a WordPress blog and I list you as a friend on say, Flickr and Twitter, then you can get access to my personal details. Personal details are also just the tip of the iceberg - everyone has things which they want only some of their friends to be able to see or use.
The general overall plan is to make it so that network connections can be used as a way of providing or denying services. Some people are using this 'graph' of connections to determine whether or not you are a comment spammer.
Counterpoints
- Will Norris on privacy issues in using hcard for data provisioning.
- Most of Will's questions/concerns are explained by Tom's abovementioned blog post.