consensus
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [GNU/consensus] [SocialSwarm-D] Zooko's Triangle

From: Melvin Carvalho
Subject: Re: [GNU/consensus] [SocialSwarm-D] Zooko's Triangle
Date: Thu, 25 Jul 2013 19:34:54 +0200



On 25 July 2013 19:19, Klaus Wuestefeld <address@hidden> wrote:
People wont authenticate multiple facets, will they?

Sure they will, at the moment we have a world split between http profiles and email addresses.  http is more popular, largely due to facebook, but there's other systems such as tent, indieweb, foaf etc.  email is pushed hard by google, microsoft, yahoo and friends. 

If you had to choose 1 of the two http is superior imho because you can derefernce http to find more information, you cant dereference email easily.  Additionally, a normal user can create a profile page, but running an email server is normally an enterprise level task.

Strangely, it seems to be a religious war for the last 5 years, and I have no idea why.  It has slowed us down, and unnecessary. 

The point here is that it does not have to be either/or, it can be AND.  You can imagine other facets in future being added such as telephone, key, name, fingerprint, qr code or whatever.

As it happens, authentication is rare, and normally happens as a one-off.  After that an unguessable string is normally shared between parties (eg in a cookie) to mean you dont have to authenticate again.  People often login today by clicking a button.  If your public key is in your client, you just need to click and not type or remember anything.

Authentication and identity are different concepts which are commonly grouped together.  It's rare that people look up other people by email when adding a friend, they will use the real name, and this is also displayed on your wall etc. 
 

On Thu, Jul 25, 2013 at 2:17 PM, Melvin Carvalho
<address@hidden> wrote:
>
>
>
> On 25 July 2013 19:11, Klaus Wuestefeld <address@hidden> wrote:
>>
>> I'm 100% with Marco. Forget friendly identifiers. Tor is already
>> playing with fire making its keys that short.
>>
>> Things will only get worse. With the advent of quantum computing we
>> are looking at public keys in the order of megabytes.
>>
>> We will all learn to keep address books like our grandmothers did for
>> unfriendly six digit phone numbers and street addresses.
>>
>> No big deal.
>
>
> Yes, this is true, but zooko's triangle only applies to a single string
> identity.
>
> In practice, identity is an OBJECT with facets.  So you can have an email, a
> telephone, a real name, a public key, or whatever you want.  In most cases
> there's no need to disambiguate, or even to remember anything.  This is
> exactly how facebook does it, and it works perfectly.  It's only when you
> pick ONE facet, and disallow all others that zooko's triangle comes into
> play.
>
> tl;dr this is only a problem for identifier overloading -- make identity a
> multi faceted object and have the best of all worlds
>
>>
>>
>> Klaus
>> http://sneer.me
>>
>>
>> On Thu, Jul 25, 2013 at 7:27 AM, Michael Rogers
>> <address@hidden> wrote:
>> > -----BEGIN PGP SIGNED MESSAGE-----
>> > Hash: SHA1
>> >
>> > On 25/07/13 11:10, Melvin Carvalho wrote:
>> >> I think maybe what you are getting at is that you think using
>> >> address@hidden as the single identifier for a lot of different things
>> >> (email, chat, files, voip, social, etc) is a really bad idea. You
>> >> don't have to like it, but address@hidden is still the most commonly
>> >> used identifier there is. To embrace it is hardly being intolerant,
>> >> it is just being practical and backward compatible.
>> >>
>> >>
>> >> Embracing email as part of a holistic identity strategy could be
>> >> practical.  But if it's using email as the 'one identity to rule
>> >> them all' -- it's going to be fractured by nature.
>> >
>> > I don't think the suggestion is to use email addresses as universal
>> > identifiers, but simply to use the address@hidden format, which is
>> > memorisable, easily recognised, and clearly represents the
>> > user/service provider relationship.
>> >
>> > However, using one format for multiple services is confusing - already
>> > I can't put my Jabber ID on my business card without explaining that
>> > it's not an email address. Perhaps it would be appropriate to use
>> > different separators for different services - user#domain,
>> > user*domain, etc?
>> >
>> > Cheers,
>> > Michael
>> >
>> > -----BEGIN PGP SIGNATURE-----
>> > Version: GnuPG v1.4.10 (GNU/Linux)
>> >
>> > iQEcBAEBAgAGBQJR8P2XAAoJEBEET9GfxSfMTBcIAKcxwJmhxQD3GqdggYZcL0QT
>> > KXlSJRuOZ/Y8L+97MRKTvSzOroNS5Gk6tIdv62V5OdPZGRejfqbYtFH6N94u7ApS
>> > ycIUCqxG83mLiDvb2I/5p7lANu60nV388OGfWlacqM2a5kYv5oB4N7f69Ci1LwCs
>> > rU5MiQ8Z1QQBYPvv3WAJnNoZjQdjG77f1GXYyRLYa37tvQaaK6DCUhrnSr8sTY5B
>> > N76fZDfOQJwu4Bdj/2r7H0tE+2IzkowEUYdCT//V75fCpyXRRd4SB6HYMk4jRJ1a
>> > y34UUiOKbCrshlw/N6McV31KzgkirLQONDpKM+ORdKlFKE+titArHwlUfOUnvso=
>> > =J38N
>> > -----END PGP SIGNATURE-----
>> > _______________________________________________
>> > SocialSwarm-DISCUSSION mailing list
>> > address@hidden
>> > https://mail.foebud.org/cgi-bin/mailman/listinfo/socialswarm-discussion
>> >
>> > Website        : http://socialswarm.net/
>> > Wiki           : https://wiki.socialswarm.net
>> > Liquid Feedback: https://socialswarm.tracciabi.li
>> >
>> > All mailing lists for SocialSwarm:
>> >
>> > SocialSwarm-ANNOUNCE (Announcements only; no discussion)
>> > SocialSwarm-DISCUSSION (discussion list)
>> > SocialSwarm-TECH (discussion list for technik and coders)
>> >
>> > https://mail.foebud.org/cgi-bin/mailman/listinfo/socialswarm-announce
>> > https://mail.foebud.org/cgi-bin/mailman/listinfo/socialswarm-tech
>> > https://mail.foebud.org/cgi-bin/mailman/listinfo/socialswarm-discussion
>> >
>> >
>> > FoeBuD e.V. | Marktstrasse 18 | 33602 Bielefeld | Germany |
>> > address@hidden
>>
>>
>>
>> --
>> Valeu, Klaus.
>
>



--
Valeu, Klaus.

reply via email to
[Prev in Thread] Current Thread [Next in Thread]