http://blog.teledyn.com/node/1842 Comments for "MT To Reinvent Drupal Authentication" en http://blog.teledyn.com/node/1842 <p>Well, not quite, or rather, Ben and Mena have plans for comment authentication options of which <em>TypeKey</em> mimicks the Drupal-network logins ... only Drupal's is open and distributed. But, to their considerable credit, the Trotts offer an open authentication <acronym title="Application Programming Interface">API</acronym> so, should I want <em>exactly</em> Drupal-spec Jabber-ID in <span class="caps">MT,</span> I'm free to create, deploy, and, presumably, distribute it. <a href="http://www.mala.bc.ca/~soules/media113/netself.htm"><img src="http://www.mala.bc.ca/~soules/media113/turkel.gif" alt="" class="right" /></a></p> <p>This and more in the new <a title="TypeKey" href="http://www.typekey.com/faq/">TypeKey <span class="caps">FAQ</span></a>, and of the many, many comments on both sides of the fence, I'd say <a href="http://weblog.burningbird.net/fires/sensuoustechnology/typekey_final_act.htm">Burning Bird gives us a critical but fair and thorough survey</a>, there's <a href="http://diveintomark.org/archives/2004/03/22/you-blow-me">another bloodshot hipshot c'mon people from Mark</a> and a brief wit where <a href="http://golem.ph.utexas.edu/~distler/blog/archives/000335.html">distler pretty much sinks the whole centralization ploy</a> by asking such questions as, for example, how banning throw-away user identity patterns is really any better than pattern-banning endless spamsite <span class="caps">URL</span>s. </p> <p><b>Identity <span class="caps">DNS</span></b></p> <p>Nonetheless, this <em>concept</em> of granting more access control to the blog-owner, and that we are discussing solutions at all, this is really very encouraging. <a href="http://karamelly.com/"><img src="http://karamelly.com/mask.jpg" alt="" height="206" width="268" class="left" /></a> Ditto the concept of some sort of <em>reliably accountable</em> online identity, only it need not be clamped tight in a centralism; you found this website, and you're <em>reasonably</em> sure it's the right spot, and the <span class="caps">DNS </span>that did this trick is completely open, scalable, reliable, tedious to spoof and pretty hard to monitarily monopolize. </p> <p>Here I wonder if there is any deep merit in the decentralized and distributed Drupal network identity; in Drupal, once one participating host accepts your login, so will any other node in the network. In addition to being distributed, any <em>useful</em> identity system needs to break free of the monotonic, to allow colour in context, be fluid and accommodating of set and setting, just like it's real-world counterpart. Unlike Passport and other single-login services, in the Drupal scheme, there is no central profile, you are still free to fill out alternate personality data at each secondary location -- only your login/password is traded, so you can have your <em>local</em> identity arbitrarily tailored to the situation. You can be all at once seriously musician at dmusic, a wanton sex goddess at orkut, and devotionally bizgeek at ecademy. No problem.</p> <p>The Drupal/Jabber scheme also distributes the trust risk. Who you are isn't only dependent on who ever filled out the form -- the point-of-entry Drupal (or Jabber) that first accepts you is the only one that has verified your login, typically by an email challenge, only now, since your login becomes now tagged by the accepting hostname, that server will bear some of the responsibility for your authenticity. </p> http://blog.teledyn.com/node/1842#comments the skin of culture Tue, 23 Mar 2004 17:05:43 -0500 mrG 1842 at http://blog.teledyn.com