Re: [webfinger] Vision for Webfinger - what are we doing?

Bob Wyman <bob@wyman.us> Fri, 01 November 2013 18:08 UTC

Return-Path: <bobwyman@gmail.com>
X-Original-To: webfinger@ietfa.amsl.com
Delivered-To: webfinger@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id B4F8A21E80B2 for <webfinger@ietfa.amsl.com>; Fri, 1 Nov 2013 11:08:39 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: 0.623
X-Spam-Level:
X-Spam-Status: No, score=0.623 tagged_above=-999 required=5 tests=[AWL=-2.600, BAYES_00=-2.599, FM_FORGED_GMAIL=0.622, FM_IS_IT_OUR_ACCOUNT=4.2, HTML_MESSAGE=0.001, J_BACKHAIR_42=1, NO_RELAYS=-0.001]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ZUAVbBnSbyhY for <webfinger@ietfa.amsl.com>; Fri, 1 Nov 2013 11:08:38 -0700 (PDT)
Received: from mail-we0-x22e.google.com (mail-we0-x22e.google.com [IPv6:2a00:1450:400c:c03::22e]) by ietfa.amsl.com (Postfix) with ESMTP id 3539C11E8177 for <webfinger@ietf.org>; Fri, 1 Nov 2013 11:08:37 -0700 (PDT)
Received: by mail-we0-f174.google.com with SMTP id u56so4244085wes.5 for <webfinger@ietf.org>; Fri, 01 Nov 2013 11:08:35 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:sender:in-reply-to:references:date:message-id:subject :from:to:cc:content-type; bh=xqUwe2QBDuhX5n1fPQnOUl+qAem7r/MEhPHrEGfyZ5I=; b=fAGSRovrG0MINF3L19zJirXoue6PJSzY5HXLTcgcf3I3aO7ouKeuCe4gxZ2HD5Ler1 mBN4kWJ3ZlZ6WlKrB25dW18nkyvleN+X6nA3wiAJxV6aU+T0TCuyUxoTVnFFpNQRLMAN GQNbwQhPr21hO96jnufUNZuRD2jd70cSUgfYHM38JVah4uFYnmrrIO+RjqayA+Uz1bWC FtewMnRd/ZN25ze/HP5Zt1N+7/0DcC4O4+gvRmWRginXL2xkxSWT6G9yTrBICnAlPuRU hauOrxV1QhIL81+6pbDRQFQsjk7kXhMkC0vsDOxxu7H1eiEyMVGsMst4pRPxAVHoezpa mNSA==
MIME-Version: 1.0
X-Received: by 10.180.83.228 with SMTP id t4mr3169620wiy.12.1383329315669; Fri, 01 Nov 2013 11:08:35 -0700 (PDT)
Sender: bobwyman@gmail.com
Received: by 10.194.190.166 with HTTP; Fri, 1 Nov 2013 11:08:35 -0700 (PDT)
In-Reply-To: <CANBOYLV+Oci29Gqp=qHZUhSgiR3M3uxnBL7i376y36D++ETvUA@mail.gmail.com>
References: <CANBOYLVNwmneMiNaM+7DGm+UyDbZBhhcX15b=CeNoZgxf+oEDw@mail.gmail.com> <525D9646.7010306@packetizer.com> <CANBOYLXNktGGHSaC4BEi4nN19OY=tLU16SocqO6akdybC40p0A@mail.gmail.com> <CANBOYLXVtj1ppNGZmATkgJv2aqsG-q4ZedkOPNesUhwwCTd-XA@mail.gmail.com> <CAKaEYhKGH=vQH2qun2y3CNbxEjLtJtR+i9Z3q_act-SmiDQfCg@mail.gmail.com> <CANBOYLV+Oci29Gqp=qHZUhSgiR3M3uxnBL7i376y36D++ETvUA@mail.gmail.com>
Date: Fri, 1 Nov 2013 14:08:35 -0400
X-Google-Sender-Auth: 368FyKgBQbRGbeEJXjPHuua5RRI
Message-ID: <CAA1s49X5xmV2RFDpVZBO5wwCZeFPJviQFA6PbXv=5xNZdt7ONQ@mail.gmail.com>
From: Bob Wyman <bob@wyman.us>
To: Eric Mill <eric@konklone.com>
Content-Type: multipart/alternative; boundary=f46d04428ba077d09d04ea217414
Cc: "Paul E. Jones" <paulej@packetizer.com>, WebFinger List <webfinger@googlegroups.com>, "webfinger@ietf.org" <webfinger@ietf.org>
Subject: Re: [webfinger] Vision for Webfinger - what are we doing?
X-BeenThere: webfinger@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Discussion of the Webfinger protocol proposal in the Applications Area <webfinger.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/webfinger>, <mailto:webfinger-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/webfinger>
List-Post: <mailto:webfinger@ietf.org>
List-Help: <mailto:webfinger-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/webfinger>, <mailto:webfinger-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 01 Nov 2013 18:08:40 -0000

On Fri, Nov 1, 2013 at 11:49 AM, Eric Mill <eric@konklone.com> wrote:

> I know I gloss over the non-email uses of Webfinger. It's just very far
> from my original understanding of WF, and I don't know any uses out there
> of WF for non-email URIs to mention.
>

Imagine that you were running a service like Twitter that has accounts but
doesn't offer email service. In this case, you might use an acct: URI to
allow data to be associated with names of your accounts.

Imagine that you had a web page that allowed users to do some kind of a
search or perform some function upon filling out a form. But, you also
offered an API so that folk could write programs to accomplish the same
function without parsing HTML, etc. -- if only they knew the API protocol
or had a WSDL<http://en.wikipedia.org/wiki/Web_Services_Description_Language>-like
document describing it. In that case, you could use WebFinger to return a
resource that described or pointed to the API that should be used with the
page. (i.e. this would be like a simple, distributed version of
UDDI<http://en.wikipedia.org/wiki/Universal_Description_Discovery_and_Integration>
...)

etc. the uses are endless...



> FWIW, I was more precise in the definition I contributed<https://github.com/webfinger/webfinger.net/pull/5>to the front
> page of webfinger.net <http://webfinger.net/>: "A way to attach
> information to an email address, or other online resource."
>
> About the link relations (and maybe this should be a separate thread),
> when I was making sinatra-webfinger, I realized it was useful to start a little
> mapping file<https://github.com/konklone/sinatra-webfinger/blob/master/data/urns.yml>of keywords to best-practice URNs. That way, my configuration was just
> "name: 'Eric Mill'", etc.
>
> Maybe it's worth factoring this out to its own tiny repo, and soliciting
> contributions? I think in practice, most admin and user interaction with
> Webfinger property names and link rel's should be through common names, not
> literally pasting in whole URNs. I honestly can't be bothered to remember
> them, or choose between them.
>
> -- Eric
>
>
> On Fri, Nov 1, 2013 at 11:14 AM, Melvin Carvalho <melvincarvalho@gmail.com
> > wrote:
>
>>
>>
>>
>> On 1 November 2013 15:58, Eric Mill <eric@konklone.com> wrote:
>>
>>> I channeled this into a blog post, if anyone's interested:
>>>
>>> https://konklone.com/post/webfinger-gets-a-final-chance
>>>
>>
>> Nice post.  It's actually worth rereading Eran's post on this topic.
>> It's great that eran talks about http range 14.
>>
>> +1 that your record has https
>>
>> +1 that you set the mime type
>>
>> I personally would *not* use the webfinger.net link relations, but reuse
>> existing predicates such as FOAF, which passes W3C validation (e.g.
>> vapour).  But you are free to choose what you prefer.
>>
>> IMHO, decentralization didnt happen, we live in a more centralized web
>> than ever.  Many people including Chris Messina advocated the host your own
>> identity pattern, but slowly but surely, the concept was put more and more
>> to the side.  At least openid in theory still allows it, even if the
>> practice is very different.  Persona does not allow it at all.
>>
>> You seem to suggest that webfinger is about getting information about
>> email addresses, although that was the original idea, but it's not now.
>> It's about accounts at hosts, which is a subtle difference.  SWD was about
>> email addresses.
>>
>> Overall I find myself agreeing with most of what you say :)
>>
>>
>>>
>>> I imagine it's going to rankle some people who disagree with my
>>> prognosis that some things are dead, but it's how it feels from here.
>>> Webfinger needs rapid experimentation, high profile adoption, and the
>>> energy of the rest of the open web community.
>>>
>>>
>>> On Wed, Oct 16, 2013 at 11:38 AM, Eric Mill <eric@konklone.com> wrote:
>>>
>>>> This is all helpful to hear, and I hope these all come to fruition,
>>>> especially OpenID Connect. I'll take a stab at setting up my own OpenID
>>>> Connect service on my domain and see how it feels.
>>>>
>>>> I guess it's inevitable that we have to hope the big companies make a
>>>> meaningful gesture, too. Giving Google's outdated Webfinger endpoint<https://gmail.com/.well-known/host-meta> for
>>>> Gmail a big update would be a great start.
>>>>
>>>> On Tue, Oct 15, 2013 at 3:23 PM, Paul E. Jones <paulej@packetizer.com>wrote;wrote:
>>>>
>>>>>  Eric,
>>>>>
>>>>> OpenID is not entirely dead, yet.  I still run my own OpenID OP server
>>>>> and use it to log into some sites.  I still allow OpenID logins on
>>>>> forums.packetizer.com, too.  It's still in use, but the large sites
>>>>> just didn't have enough users using it, so they axed it.  On its heels,
>>>>> though, is now OpenID Connect and it will use WebFinger for discovery.  so,
>>>>> sure... push it :-)
>>>>>
>>>>> Personally, I can think of a lot of good uses for WebFinger:
>>>>> * When I log onto a web site, I want the site to grab my name an
>>>>> picture automatically.
>>>>> * If I want somebody to send me bitcoins, I'd much rather give them my
>>>>> email address (and I do have that in my WF account)
>>>>> * My contact info is published via WebFinger, so I don't have to give
>>>>> people a lot of info on a business card
>>>>> * WebFinger will hopefully be used as the starting point for
>>>>> auto-provisioning of email clients or other devices and applications where
>>>>> one has to enter server and port information
>>>>>
>>>>> Paul
>>>>>
>>>>>
>>>>> On 10/14/2013 11:21 PM, Eric Mill wrote:
>>>>>
>>>>> Hey all,
>>>>>
>>>>>  I was at a hackathon<http://fedscoop.com/code-dc-calls-furloughed-feds/> today,
>>>>> and spent the day working on Webfinger libraries for Sinatra<https://github.com/konklone/sinatra-webfinger>and
>>>>> Jekyll <https://github.com/konklone/jekyll-webfinger>. It was really
>>>>> productive, but -- at the end of the day, a reporter was there asking
>>>>> everybody questions about their projects.
>>>>>
>>>>>  When he asked what Webfinger was for, I realized that the original
>>>>> easy-to-communicate killer app for Webfinger, easing universal login
>>>>> through OpenID, was<http://productblogarchive.37signals.com/products/2011/01/well-be-retiring-our-support-of-openid-on-may-1.html>
>>>>> dead <https://www.myopenid.com/>. The only thing I could think to say
>>>>> was "Remember OpenID? Before it died? Well, this is a piece of the puzzle
>>>>> to putting something like that back together again."
>>>>>
>>>>>  That didn't feel like a very impressive answer. So, now that OpenID
>>>>> is dead, what's the one line explanation for why Webfinger is important?
>>>>> What's the path forward to making Webfinger something people are
>>>>> incentivized to support?
>>>>>
>>>>>  Should we be pushing really hard to resuscitate OpenID via OpenID
>>>>> Connect? Do we just need to wait for internal lobbying inside of
>>>>> Google/Microsoft/Twitter/etc to pay off in some announcement? I know
>>>>> Webfinger supports more than email lookup -- is there some particular
>>>>> killer app people were envisioning when they lobbied for that feature?
>>>>>
>>>>>  I'm so happy there's finally an RFC, after so many years. I
>>>>> recognize how much work was put in to make that happen, and this shouldn't
>>>>> be taken as a criticism of anyone. I just want to know what others see for
>>>>> the future of Webfinger, and what I should do next.
>>>>>
>>>>>  -- Eric
>>>>>
>>>>>  --
>>>>>  konklone.com | @konklone <https://twitter.com/konklone>
>>>>>
>>>>>
>>>>> _______________________________________________
>>>>> webfinger mailing listwebfinger@ietf.orghttps://www.ietf.org/mailman/listinfo/webfinger
>>>>>
>>>>>
>>>>>
>>>>> _______________________________________________
>>>>> webfinger mailing list
>>>>> webfinger@ietf.org
>>>>> https://www.ietf.org/mailman/listinfo/webfinger
>>>>>
>>>>>
>>>>
>>>>
>>>> --
>>>> konklone.com | @konklone <https://twitter.com/konklone>
>>>>
>>>
>>>
>>>
>>> --
>>> konklone.com | @konklone <https://twitter.com/konklone>
>>>
>>> _______________________________________________
>>> webfinger mailing list
>>> webfinger@ietf.org
>>> https://www.ietf.org/mailman/listinfo/webfinger
>>>
>>>
>>  --
>>
>>
>> ---
>> You received this message because you are subscribed to the Google Groups
>> "WebFinger" group.
>> To unsubscribe from this group and stop receiving emails from it, send an
>> email to webfinger+unsubscribe@googlegroups.com.
>> For more options, visit https://groups.google.com/groups/opt_out.
>>
>
>
>
> --
> konklone.com | @konklone <https://twitter.com/konklone>
>
> _______________________________________________
> webfinger mailing list
> webfinger@ietf.org
> https://www.ietf.org/mailman/listinfo/webfinger
>
>