IETF Logo Mail Archive

Re: [webfinger] Vision for Webfinger - what are we doing?

Kingsley Idehen <kidehen@openlinksw.com> Tue, 15 October 2013 19:48 UTC

Return-Path: <kidehen@openlinksw.com>
X-Original-To: webfinger@ietfa.amsl.com
Delivered-To: webfinger@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id E5C0411E820A for <webfinger@ietfa.amsl.com>; Tue, 15 Oct 2013 12:48:26 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.599
X-Spam-Level:
X-Spam-Status: No, score=-2.599 tagged_above=-999 required=5 tests=[AWL=-0.001, BAYES_00=-2.599, HTML_MESSAGE=0.001]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id lwqtf1CGBGkR for <webfinger@ietfa.amsl.com>; Tue, 15 Oct 2013 12:48:23 -0700 (PDT)
Received: from mail.openlinksw.com (mail.openlinksw.com [63.119.36.38]) by ietfa.amsl.com (Postfix) with ESMTP id 9A19E11E8186 for <webfinger@ietf.org>; Tue, 15 Oct 2013 12:48:18 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=openlinksw.com; s=x; h=Content-Type:In-Reply-To:References:Subject:To:MIME-Version:From:Date:Message-ID; bh=lEpfg3sL234Ui6W1Y1MLtQntJ8r/fNtYa58zGLK553s=; b=IChJ76Xu/gRsTzqgepmHIh1oPeHhI77tFCSk+ZGIhW/UZBFTMuQCLPuFyDg1sBBaSiGrd0iOWbt78ckogeSnkekvidHVcTRDG+KOgA/qz5T25C/3YgmViK/MvOXTt32q;
Received: from dyn226.usnet.private ([192.168.11.226]) by mail.openlinksw.com with esmtps (TLSv1:DHE-RSA-AES256-SHA:256) (Exim 4.74) (envelope-from <kidehen@openlinksw.com>) id 1VWAbJ-0004ej-Tp for webfinger@ietf.org; Tue, 15 Oct 2013 15:48:17 -0400
Message-ID: <525D9C01.9010102@openlinksw.com>
Date: Tue, 15 Oct 2013 15:48:17 -0400
From: Kingsley Idehen <kidehen@openlinksw.com>
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.8; rv:17.0) Gecko/20130801 Thunderbird/17.0.8
MIME-Version: 1.0
To: webfinger@ietf.org
References: <CANBOYLVNwmneMiNaM+7DGm+UyDbZBhhcX15b=CeNoZgxf+oEDw@mail.gmail.com> <525D9646.7010306@packetizer.com>
In-Reply-To: <525D9646.7010306@packetizer.com>
Content-Type: multipart/signed; protocol="application/pkcs7-signature"; micalg="sha1"; boundary="------------ms090901080101000901040404"
Subject: Re: [webfinger] Vision for Webfinger - what are we doing?
X-BeenThere: webfinger@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Discussion of the Webfinger protocol proposal in the Applications Area <webfinger.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/webfinger>, <mailto:webfinger-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/webfinger>
List-Post: <mailto:webfinger@ietf.org>
List-Help: <mailto:webfinger-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/webfinger>, <mailto:webfinger-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 15 Oct 2013 19:48:27 -0000

On 10/15/13 3:23 PM, Paul E. Jones wrote:
> Eric,
>
> OpenID is not entirely dead, yet.  I still run my own OpenID OP server 
> and use it to log into some sites.  I still allow OpenID logins on 
> forums.packetizer.com, too.  It's still in use, but the large sites 
> just didn't have enough users using it, so they axed it.  On its 
> heels, though, is now OpenID Connect and it will use WebFinger for 
> discovery.  so, sure... push it :-)
>
> Personally, I can think of a lot of good uses for WebFinger:
> * When I log onto a web site, I want the site to grab my name an 
> picture automatically.
> * If I want somebody to send me bitcoins, I'd much rather give them my 
> email address (and I do have that in my WF account)
> * My contact info is published via WebFinger, so I don't have to give 
> people a lot of info on a business card
> * WebFinger will hopefully be used as the starting point for 
> auto-provisioning of email clients or other devices and applications 
> where one has to enter server and port information
>
> Paul

All,

Here's a simple and useful thing that can be achieved with Webfinger:

You notarize digital identity cards (aka. X.509 certificates) where an 
acct: scheme URI in the certificate's SAN (Subject Alternative Name) 
enables X.509 based verifiable identity beyond Email oriented S/MIME. It 
also means you can construct sophisticated ACLs and Data Access Policies 
for a Global Read-Write Web.

We have just released version 1.3.0 of our YouID app for iOS that 
supports what I've outlined above. This product has actually supported 
Webfinger since its inception. What we would liked to have been able to 
add for acct: URIs and Webfinger lookups is the ability for anyone to 
host their profile document via services such as Dropbox, Google Drive, 
SkyDrive, Box. etc., which is what's achieved via http: scheme URIs.

Links:

1. http://youid.openlinksw.com -- home page
2. http://bit.ly/19McSik -- G+ note about the 1.3.0 release.

Kingsley

>
> On 10/14/2013 11:21 PM, Eric Mill wrote:
>> Hey all,
>>
>> I was at a hackathon 
>> <http://fedscoop.com/code-dc-calls-furloughed-feds/> today, and spent 
>> the day working on Webfinger libraries for Sinatra 
>> <https://github.com/konklone/sinatra-webfinger> and Jekyll 
>> <https://github.com/konklone/jekyll-webfinger>. It was really 
>> productive, but -- at the end of the day, a reporter was there asking 
>> everybody questions about their projects.
>>
>> When he asked what Webfinger was for, I realized that the original 
>> easy-to-communicate killer app for Webfinger, easing universal login 
>> through OpenID, was 
>> <http://productblogarchive.37signals.com/products/2011/01/well-be-retiring-our-support-of-openid-on-may-1.html> 
>> dead <https://www.myopenid.com/>. The only thing I could think to say 
>> was "Remember OpenID? Before it died? Well, this is a piece of the 
>> puzzle to putting something like that back together again."
>>
>> That didn't feel like a very impressive answer. So, now that OpenID 
>> is dead, what's the one line explanation for why Webfinger is 
>> important? What's the path forward to making Webfinger something 
>> people are incentivized to support?
>>
>> Should we be pushing really hard to resuscitate OpenID via OpenID 
>> Connect? Do we just need to wait for internal lobbying inside of 
>> Google/Microsoft/Twitter/etc to pay off in some announcement? I know 
>> Webfinger supports more than email lookup -- is there some particular 
>> killer app people were envisioning when they lobbied for that feature?
>>
>> I'm so happy there's finally an RFC, after so many years. I recognize 
>> how much work was put in to make that happen, and this shouldn't be 
>> taken as a criticism of anyone. I just want to know what others see 
>> for the future of Webfinger, and what I should do next.
>>
>> -- Eric
>>
>> -- 
>> konklone.com <http://konklone.com> | @konklone 
>> <https://twitter.com/konklone>
>>
>>
>> _______________________________________________
>> webfinger mailing list
>> webfinger@ietf.org
>> https://www.ietf.org/mailman/listinfo/webfinger
>
>
>
> _______________________________________________
> webfinger mailing list
> webfinger@ietf.org
> https://www.ietf.org/mailman/listinfo/webfinger


-- 

Regards,

Kingsley Idehen	
Founder & CEO
OpenLink Software
Company Web: http://www.openlinksw.com
Personal Weblog: http://www.openlinksw.com/blog/~kidehen
Twitter/Identi.ca handle: @kidehen
Google+ Profile: https://plus.google.com/112399767740508618350/about
LinkedIn Profile: http://www.linkedin.com/in/kidehen

v2.23.0 | Report a Bug | By Email