Re: [VCARDDAV] Signed vCards

Kevin Marks <kevinmarks@gmail.com> Mon, 01 July 2013 10:32 UTC

Return-Path: <kevinmarks@gmail.com>
X-Original-To: vcarddav@ietfa.amsl.com
Delivered-To: vcarddav@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id B210F21F9D0A for <vcarddav@ietfa.amsl.com>; Mon, 1 Jul 2013 03:32:08 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.599
X-Spam-Level:
X-Spam-Status: No, score=-2.599 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, HTML_MESSAGE=0.001, NO_RELAYS=-0.001]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ecDswpekaSBY for <vcarddav@ietfa.amsl.com>; Mon, 1 Jul 2013 03:32:07 -0700 (PDT)
Received: from mail-qe0-x22d.google.com (mail-qe0-x22d.google.com [IPv6:2607:f8b0:400d:c02::22d]) by ietfa.amsl.com (Postfix) with ESMTP id 8860621F9D04 for <vcarddav@ietf.org>; Mon, 1 Jul 2013 03:32:07 -0700 (PDT)
Received: by mail-qe0-f45.google.com with SMTP id w7so1580154qeb.32 for <vcarddav@ietf.org>; Mon, 01 Jul 2013 03:32:05 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type; bh=tZjzBFIEAVs6g/wOLNjsg9mCTatuKiAvHt4DVJy/xNE=; b=yxSwPHKa1+C1JsRt3P7n26slhabBXG6XcTB3Lduj1/z+Q/KkP5cUnzoB/17asoDim8 dxIHHXRMYkUvDFxuK+pym7cni68bsRkeBvAtDqV5aVomQz7b/DlPoDT/Roze+z7yxVbV Tq3vsnbuaGTNyKkHntINt/kEzXXetA4FH6g7zWQ3cGlFB2/sgra3fNfEwiSwu52P2ltu 4qAe3cmpTxCZnEv1hXvk5v17oa8NVuLIaq6LdLe6MDX4gKzvhZy4vpIxtXFy8/0wBGka /amegFi1udlUwHaJKgYEFEybGl6qAaU7hFzZP/4gB+2aQfJpsqFUAm3lEx25DIwszz0Z izMg==
MIME-Version: 1.0
X-Received: by 10.224.167.69 with SMTP id p5mr31096781qay.110.1372674725165; Mon, 01 Jul 2013 03:32:05 -0700 (PDT)
Received: by 10.229.57.197 with HTTP; Mon, 1 Jul 2013 03:32:05 -0700 (PDT)
In-Reply-To: <CAB5WduA09GVZ7j2q4e9aM-CYBj27_deKT=VHhVL0+gzG1yRq0A@mail.gmail.com>
References: <CAB5WduA09GVZ7j2q4e9aM-CYBj27_deKT=VHhVL0+gzG1yRq0A@mail.gmail.com>
Date: Mon, 01 Jul 2013 03:32:05 -0700
Message-ID: <CAD6ztsqqQwbN_-yv9+-tHuh8X1MfBRKEqF6ugH=0avHTuKxzWA@mail.gmail.com>
From: Kevin Marks <kevinmarks@gmail.com>
To: DataPacRat <datapacrat@gmail.com>
Content-Type: multipart/alternative; boundary="089e01536e0662c2fc04e070bdc3"
Cc: Skip Levens <skip@legacyportal.com>, Barry Leiba <barryleiba@computer.org>, "vcarddav@ietf.org" <vcarddav@ietf.org>
Subject: Re: [VCARDDAV] Signed vCards
X-BeenThere: vcarddav@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: IETF vcarddav wg mailing list <vcarddav.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/vcarddav>, <mailto:vcarddav-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/vcarddav>
List-Post: <mailto:vcarddav@ietf.org>
List-Help: <mailto:vcarddav-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/vcarddav>, <mailto:vcarddav-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 01 Jul 2013 10:32:08 -0000

do email addresses (or acct: extension thereof per webfinger/fist to
accomodate email-like jabber addresses) and http addresses cover all
practical IDs?
A twitter handle is a URL: @kevinmarks is shorthand for
https://twitter.com/kevinmarks
A facebook ID is an email or a URL - https://facebook.com/kevinmarks is the
same as kevinmarks@facebook.com

The hCard practice is uid's are URLs

Is there a case I'm missing here?

On Sun, Jun 30, 2013 at 8:13 PM, DataPacRat <datapacrat@gmail.com> wrote:

> On Sat, Jun 29, 2013 at 9:27 PM, DataPacRat <datapacrat@gmail.com> wrote:
> > As a related thought; would it be sufficiently useful to add a tag to
> state
> > which of the other fields in that vCard is to be preferred for sorting
> and
> > identification purposes? For example, webfinger and webfist use an email
> > address as the unique identification string; Apple seems to use UID; and
> I'm
> > trying to work with vCards that have little more than a Twitter handle.
> >
> > As a minor variation of the above, perhaps instead of a single canonical
> ID
> > string, a list in preferential order, to allow for better
> interoperability
> > between systems requiring different sorts of ID strings.
>
> After some initial fiddling around; something at least resembling the
> above seems to be a near-necessity, for the various uses I've been
> able to work with so far.
>
> The tricky part seems to be that, when taking one authenticated vCard
> and using that identity as an authentication authority itself, there
> isn't any firm rule about what string to use as the identifier for
> that authority. Given that some vCards have email addresses and some
> don't; some have UIDs; some have Twitter handles; etc; there doesn't
> seem to be any practical way to declare that one particular sort of
> field /has/ to be used as a canonical ID-string. So having a
> PREFERRED-ID field to have the option to declare what string is most
> useful to be used as such would make implementing a full-fledged
> authentication system a heckuvalot easier.
>
> And once the field exists at all, it seems that allowing it to list
> more than one field, presumably in descending order of preference,
> would allow for easier interoperability between vCard systems
> containing different subsets of identifying information. Eg, "The UID
> is the preferred ID-string; but if your particular system doesn't
> handle that, you could use the email address instead, or failing that,
> the nickname."
>
>
> As a practical example; the webfist protocol uses email addresses as
> canonical ID strings, which, with a bit of hash function trickery,
> allows for relatively easy lookups in the webfist ID database. Having
> even just a short list of potential ID-strings could allow, if nothing
> else, all of them to be hashed into a similar database, so that in the
> future, someone seeking to authenticate that identity can lookup
> whichever one of those strings they happen to have available to them.
>
>
> So unless someone has a better idea, I'm definitely adding this to the
> signed vCard proposal. (And since we seem to have passed the initial
> inquiry stage, I'm updating the subject line accordingly.)
>
>
> Thank you for your time,
> --
> DataPacRat
> "Half of knowledge is knowing the questions." -- The Cynic's Book of Wisdom
> _______________________________________________
> VCARDDAV mailing list
> VCARDDAV@ietf.org
> https://www.ietf.org/mailman/listinfo/vcarddav
>