Sign in or Join FriendFeed
FriendFeed is the easiest way to share online. Learn more »
Paul Buchheit
Paul Buchheit
Google Points At WebFinger. Your Gmail Address Could Soon Be Your ID. - http://www.techcrunch.com/2009...
Google Points At WebFinger. Your Gmail Address Could Soon Be Your ID.
August 14, 2009 from Bookmarklet - Comment - Share
"It’s taking something everyone knows on the web (your email address) and making it immensely more valuable as a way to identify yourself and information about you. Exactly what kind of information? Here are some of the ideas from the WebFinger Google Code page: * public profile data * pointer to identity provider (e.g. OpenID server) * a public key * other services used by that email address (e.g. Flickr, Picasa, Smugmug, Twitter, Facebook, and usernames for each) * a URL to an avatar * profile data (nickname, full name, etc) * whether the email address is also a JID, or explicitly declare that it’s NOT an email, and ONLY a JID, or any combination to disambiguate all the addresses that look like something@somewhere.com * or even a public declaration that the email address doesn’t have public metadata, but has a pointer to an endpoint that, provided authentication, will tell you some protected metadata, depending on who you authenticate as." - Paul Buchheit from Bookmarklet
I don't want my contact information to be my identifier. I shouldn't have to give a website my email address, just like I shouldn't have to give a store my phone number. - Daniel Sims
Daniel, I think it just takes the form of an email address, but does not in fact have to be one (or could be a "throw away" account). - Paul Buchheit
It would be cool if we could get our act together (as an industry) and make this stuff happen. I'd also like to see ENUM deployed to the point that my phone number can be linked to my identity. (http://en.wikipedia.org/wiki...) - Joe Beda
This is a bad idea in so many ways I can't even begin to list them. - April Russo
If a site wants my email address, it's probably in order to spam me. It's usually a bad sign. If legit sites ask for my email more, it will make it harder to identify the spammers. - Tim Tyler
Do gmail users seriously still have problems with spam? I don't. - Robin Barooah
Personally this sounds great - as long as it really doesn't force you to use your actual gmail address. - Robin Barooah
I loved finger. - j1m
Does this mean I can have a .plan again? - Benjamin Lee
Sounds like the .plan which is (again) accessed via an id in email format and returns different information/metadata about a person depending on who's accessing it. Email id is used to do a DNS lookup in order to discover URL for the XRD file (accessed with a HTTP GET) containing the metadata about the person being, er, WebFinger-ed. - Nenad Nikolic
it is like user authenticating, having two three ids won't hurt ;) well i don't want to be identified, they are going same as gravatar - testbeta
It's so curious to me that people have concerns that WebFinger would lead to more spam, and yet don't like the "format" of URLs for IDs. Personally, as far as OpenID is concerned, I don't care what the identifier looks like as long as people can remember it — typically email seems easier to recall than URLs (for most people in today's world). - Chris Messina
Some users who have an email account with Google, myself included, have oodles of incoming mail both standard and secure so it fits the bill to increase security for both vendors and marketers. - frank burns
I have no problem with the idea, but it seems to me that it won't help the current state of affairs much. The kind of information I'd be interested in sharing via Webfinger (my OpenID, a URL to a FOAF file, etc.) will have no better adoption, so the Webfinger configuration doesn't buy me much. I'll hold out hopes that after a couple tight integrations between Webfinger and OpenID providers (say if Google, Microsoft and/or Yahoo provided and consumed both) things will improve ... here's to hoping :( - J. McConnell
Years ago I experimented with FOAF. I didn't fully understand nor appreciate what I was doing. To serve as a warning, if you take this example, ensure that it is blocked. #Example: I sent a file to Adobe which in turn, was sent to another email account I had at the time. I verified it's sender (ME) and sent it back in the direction of travel. A signed FOAF (API KEY) was then returned back to me, of which remained on my computer? Knowing this, it undermines the integrity and security of this application. I have since erased all files, please ensure this never happens online. - frank burns