Re: [webfinger] Vision for Webfinger - what are we doing?

Eric Mill <eric@konklone.com> Fri, 01 November 2013 18:35 UTC

Return-Path: <konklone@gmail.com>
X-Original-To: webfinger@ietfa.amsl.com
Delivered-To: webfinger@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 75F7A11E8169 for <webfinger@ietfa.amsl.com>; Fri, 1 Nov 2013 11:35:02 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: 0.679
X-Spam-Level:
X-Spam-Status: No, score=0.679 tagged_above=-999 required=5 tests=[AWL=-2.544, BAYES_00=-2.599, FM_FORGED_GMAIL=0.622, FM_IS_IT_OUR_ACCOUNT=4.2, HTML_MESSAGE=0.001, J_BACKHAIR_42=1, NO_RELAYS=-0.001]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id iHqoihw1Zbwc for <webfinger@ietfa.amsl.com>; Fri, 1 Nov 2013 11:35:01 -0700 (PDT)
Received: from mail-ea0-x236.google.com (mail-ea0-x236.google.com [IPv6:2a00:1450:4013:c01::236]) by ietfa.amsl.com (Postfix) with ESMTP id 3A01411E814D for <webfinger@ietf.org>; Fri, 1 Nov 2013 11:34:59 -0700 (PDT)
Received: by mail-ea0-f182.google.com with SMTP id o10so2210271eaj.41 for <webfinger@ietf.org>; Fri, 01 Nov 2013 11:34:58 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:sender:in-reply-to:references:from:date:message-id :subject:to:cc:content-type; bh=hvI3O9LuBLLuJVjGA+PTfPT7Ggq5MoMCyHT/9QJhdgw=; b=X0sIQAB2wYr40GfMds4uYSTbEWtuHjF0GJg5/aeSdfPVimUngBX/phpJJg8//6FyBo LiYytCLjp+Me1zknabo+vgnSQ1iG+GnemRgF0BnvvbJg4EyGLJ3dsL8Ifjsqikeu5Cbl OS8srkbh/xWgkVRbXG15978wUuukbBuBad+CefWHzih3/FWeTWYDmAUWRRbkvJMB2moK K5oTKlvP0FnNNlWDfMbZQFIAelXOc30sFBDkjzzQpMOLDwAKz4L43if8hbuqbB6n+SBV y4LUtEDbUUrd4o0GTfKLMeB17VJPac/p+wBUkDYWizM3c0HOO1XK6ViFMPtnui3ks+kq y6KQ==
X-Received: by 10.15.54.199 with SMTP id t47mr4544478eew.46.1383330898270; Fri, 01 Nov 2013 11:34:58 -0700 (PDT)
MIME-Version: 1.0
Sender: konklone@gmail.com
Received: by 10.223.10.137 with HTTP; Fri, 1 Nov 2013 11:34:18 -0700 (PDT)
In-Reply-To: <CAA1s49X5xmV2RFDpVZBO5wwCZeFPJviQFA6PbXv=5xNZdt7ONQ@mail.gmail.com>
References: <CANBOYLVNwmneMiNaM+7DGm+UyDbZBhhcX15b=CeNoZgxf+oEDw@mail.gmail.com> <525D9646.7010306@packetizer.com> <CANBOYLXNktGGHSaC4BEi4nN19OY=tLU16SocqO6akdybC40p0A@mail.gmail.com> <CANBOYLXVtj1ppNGZmATkgJv2aqsG-q4ZedkOPNesUhwwCTd-XA@mail.gmail.com> <CAKaEYhKGH=vQH2qun2y3CNbxEjLtJtR+i9Z3q_act-SmiDQfCg@mail.gmail.com> <CANBOYLV+Oci29Gqp=qHZUhSgiR3M3uxnBL7i376y36D++ETvUA@mail.gmail.com> <CAA1s49X5xmV2RFDpVZBO5wwCZeFPJviQFA6PbXv=5xNZdt7ONQ@mail.gmail.com>
From: Eric Mill <eric@konklone.com>
Date: Fri, 1 Nov 2013 14:34:18 -0400
X-Google-Sender-Auth: wYjErF_8kKaZhhCteZVoVGwjVj4
Message-ID: <CANBOYLWLr2Dt_ugOrk2VdO=8nDO43kstaR_nwsEAat5R_6-Qxw@mail.gmail.com>
To: webfinger@googlegroups.com
Content-Type: multipart/alternative; boundary=001a11c3d4b0cc5d0104ea21d2a6
Cc: "Paul E. Jones" <paulej@packetizer.com>, "webfinger@ietf.org" <webfinger@ietf.org>
Subject: Re: [webfinger] Vision for Webfinger - what are we doing?
X-BeenThere: webfinger@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Discussion of the Webfinger protocol proposal in the Applications Area <webfinger.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/webfinger>, <mailto:webfinger-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/webfinger>
List-Post: <mailto:webfinger@ietf.org>
List-Help: <mailto:webfinger-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/webfinger>, <mailto:webfinger-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 01 Nov 2013 18:35:02 -0000

On Fri, Nov 1, 2013 at 2:08 PM, Bob Wyman <bob@wyman.us> wrote:

>
> Imagine that you were running a service like Twitter that has accounts but
> doesn't offer email service. In this case, you
>
might use an acct: URI to allow data to be associated with names of your
> accounts.
>

The Twitter example makes it click for me, thank you. I added "or other
account" to my post. In practice, I think that's more likely to empower
"Sign in With Twitter" in a standards-oriented way than it is to empower
federated identity, but that's important too.

-- Eric


>
> Imagine that you had a web page that allowed users to do some kind of a
> search or perform some function upon filling out a form. But, you also
> offered an API so that folk could write programs to accomplish the same
> function without parsing HTML, etc. -- if only they knew the API protocol
> or had a WSDL<http://en.wikipedia.org/wiki/Web_Services_Description_Language>-like
> document describing it. In that case, you could use WebFinger to return a
> resource that described or pointed to the API that should be used with the
> page. (i.e. this would be like a simple, distributed version of UDDI<http://en.wikipedia.org/wiki/Universal_Description_Discovery_and_Integration>
> ...)
>
> etc. the uses are endless...
>
>
>
>>  FWIW, I was more precise in the definition I contributed<https://github.com/webfinger/webfinger.net/pull/5>to the front
>> page of webfinger.net <http://webfinger.net/>: "A way to attach
>> information to an email address, or other online resource."
>>
>> About the link relations (and maybe this should be a separate thread),
>> when I was making sinatra-webfinger, I realized it was useful to start a little
>> mapping file<https://github.com/konklone/sinatra-webfinger/blob/master/data/urns.yml>of keywords to best-practice URNs. That way, my configuration was just
>> "name: 'Eric Mill'", etc.
>>
>> Maybe it's worth factoring this out to its own tiny repo, and soliciting
>> contributions? I think in practice, most admin and user interaction with
>> Webfinger property names and link rel's should be through common names, not
>> literally pasting in whole URNs. I honestly can't be bothered to remember
>> them, or choose between them.
>>
>> -- Eric
>>
>>
>> On Fri, Nov 1, 2013 at 11:14 AM, Melvin Carvalho <
>> melvincarvalho@gmail.com> wrote:
>>
>>>
>>>
>>>
>>> On 1 November 2013 15:58, Eric Mill <eric@konklone.com> wrote:
>>>
>>>> I channeled this into a blog post, if anyone's interested:
>>>>
>>>> https://konklone.com/post/webfinger-gets-a-final-chance
>>>>
>>>
>>> Nice post.  It's actually worth rereading Eran's post on this topic.
>>> It's great that eran talks about http range 14.
>>>
>>> +1 that your record has https
>>>
>>> +1 that you set the mime type
>>>
>>> I personally would *not* use the webfinger.net link relations, but
>>> reuse existing predicates such as FOAF, which passes W3C validation (e.g.
>>> vapour).  But you are free to choose what you prefer.
>>>
>>> IMHO, decentralization didnt happen, we live in a more centralized web
>>> than ever.  Many people including Chris Messina advocated the host your own
>>> identity pattern, but slowly but surely, the concept was put more and more
>>> to the side.  At least openid in theory still allows it, even if the
>>> practice is very different.  Persona does not allow it at all.
>>>
>>> You seem to suggest that webfinger is about getting information about
>>> email addresses, although that was the original idea, but it's not now.
>>> It's about accounts at hosts, which is a subtle difference.  SWD was about
>>> email addresses.
>>>
>>> Overall I find myself agreeing with most of what you say :)
>>>
>>>
>>>>
>>>> I imagine it's going to rankle some people who disagree with my
>>>> prognosis that some things are dead, but it's how it feels from here.
>>>> Webfinger needs rapid experimentation, high profile adoption, and the
>>>> energy of the rest of the open web community.
>>>>
>>>>
>>>> On Wed, Oct 16, 2013 at 11:38 AM, Eric Mill <eric@konklone.com> wrote:
>>>>
>>>>> This is all helpful to hear, and I hope these all come to fruition,
>>>>> especially OpenID Connect. I'll take a stab at setting up my own OpenID
>>>>> Connect service on my domain and see how it feels.
>>>>>
>>>>> I guess it's inevitable that we have to hope the big companies make a
>>>>> meaningful gesture, too. Giving Google's outdated Webfinger endpoint<https://gmail.com/.well-known/host-meta> for
>>>>> Gmail a big update would be a great start.
>>>>>
>>>>> On Tue, Oct 15, 2013 at 3:23 PM, Paul E. Jones <paulej@packetizer.com>wrote;wrote:
>>>>>
>>>>>>  Eric,
>>>>>>
>>>>>> OpenID is not entirely dead, yet.  I still run my own OpenID OP
>>>>>> server and use it to log into some sites.  I still allow OpenID logins on
>>>>>> forums.packetizer.com, too.  It's still in use, but the large sites
>>>>>> just didn't have enough users using it, so they axed it.  On its heels,
>>>>>> though, is now OpenID Connect and it will use WebFinger for discovery.  so,
>>>>>> sure... push it :-)
>>>>>>
>>>>>> Personally, I can think of a lot of good uses for WebFinger:
>>>>>> * When I log onto a web site, I want the site to grab my name an
>>>>>> picture automatically.
>>>>>> * If I want somebody to send me bitcoins, I'd much rather give them
>>>>>> my email address (and I do have that in my WF account)
>>>>>> * My contact info is published via WebFinger, so I don't have to give
>>>>>> people a lot of info on a business card
>>>>>> * WebFinger will hopefully be used as the starting point for
>>>>>> auto-provisioning of email clients or other devices and applications where
>>>>>> one has to enter server and port information
>>>>>>
>>>>>> Paul
>>>>>>
>>>>>>
>>>>>> On 10/14/2013 11:21 PM, Eric Mill wrote:
>>>>>>
>>>>>> Hey all,
>>>>>>
>>>>>>  I was at a hackathon<http://fedscoop.com/code-dc-calls-furloughed-feds/> today,
>>>>>> and spent the day working on Webfinger libraries for Sinatra<https://github.com/konklone/sinatra-webfinger>and
>>>>>> Jekyll <https://github.com/konklone/jekyll-webfinger>. It was really
>>>>>> productive, but -- at the end of the day, a reporter was there asking
>>>>>> everybody questions about their projects.
>>>>>>
>>>>>>  When he asked what Webfinger was for, I realized that the original
>>>>>> easy-to-communicate killer app for Webfinger, easing universal login
>>>>>> through OpenID, was<http://productblogarchive.37signals.com/products/2011/01/well-be-retiring-our-support-of-openid-on-may-1.html>
>>>>>> dead <https://www.myopenid.com/>. The only thing I could think to
>>>>>> say was "Remember OpenID? Before it died? Well, this is a piece of the
>>>>>> puzzle to putting something like that back together again."
>>>>>>
>>>>>>  That didn't feel like a very impressive answer. So, now that OpenID
>>>>>> is dead, what's the one line explanation for why Webfinger is important?
>>>>>> What's the path forward to making Webfinger something people are
>>>>>> incentivized to support?
>>>>>>
>>>>>>  Should we be pushing really hard to resuscitate OpenID via OpenID
>>>>>> Connect? Do we just need to wait for internal lobbying inside of
>>>>>> Google/Microsoft/Twitter/etc to pay off in some announcement? I know
>>>>>> Webfinger supports more than email lookup -- is there some particular
>>>>>> killer app people were envisioning when they lobbied for that feature?
>>>>>>
>>>>>>  I'm so happy there's finally an RFC, after so many years. I
>>>>>> recognize how much work was put in to make that happen, and this shouldn't
>>>>>> be taken as a criticism of anyone. I just want to know what others see for
>>>>>> the future of Webfinger, and what I should do next.
>>>>>>
>>>>>>  -- Eric
>>>>>>
>>>>>>  --
>>>>>>  konklone.com | @konklone <https://twitter.com/konklone>
>>>>>>
>>>>>>
>>>>>> _______________________________________________
>>>>>> webfinger mailing listwebfinger@ietf.orghttps://www.ietf.org/mailman/listinfo/webfinger
>>>>>>
>>>>>>
>>>>>>
>>>>>> _______________________________________________
>>>>>> webfinger mailing list
>>>>>> webfinger@ietf.org
>>>>>> https://www.ietf.org/mailman/listinfo/webfinger
>>>>>>
>>>>>>
>>>>>
>>>>>
>>>>> --
>>>>> konklone.com | @konklone <https://twitter.com/konklone>
>>>>>
>>>>
>>>>
>>>>
>>>> --
>>>> konklone.com | @konklone <https://twitter.com/konklone>
>>>>
>>>> _______________________________________________
>>>> webfinger mailing list
>>>> webfinger@ietf.org
>>>> https://www.ietf.org/mailman/listinfo/webfinger
>>>>
>>>>
>>>  --
>>>
>>>
>>> ---
>>> You received this message because you are subscribed to the Google
>>> Groups "WebFinger" group.
>>> To unsubscribe from this group and stop receiving emails from it, send
>>> an email to webfinger+unsubscribe@googlegroups.com.
>>> For more options, visit https://groups.google.com/groups/opt_out.
>>>
>>
>>
>>
>> --
>> konklone.com | @konklone <https://twitter.com/konklone>
>>
>> _______________________________________________
>> webfinger mailing list
>> webfinger@ietf.org
>> https://www.ietf.org/mailman/listinfo/webfinger
>>
>>
>  --
>
> ---
> You received this message because you are subscribed to the Google Groups
> "WebFinger" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to webfinger+unsubscribe@googlegroups.com.
> For more options, visit https://groups.google.com/groups/opt_out.
>



-- 
konklone.com | @konklone <https://twitter.com/konklone>