On 13 August 2011 09:43, John Walsh <fiftyf...@waldevin.com> wrote: > Hi Everybody, > > I have reviewed http://wiki.debian.org/FreedomBox/IdentityManagement and > have the following questions, comments and suggestions. Once agreement is > reached, i.e. no disagreements on this thread I will update the wiki entry. > > First of all I would like to make the observation that the current document > seems to be primarily concerned about security but touches on user > management. If this document is concerned with trust management and not user > management then I apologise now for my comments being off-topic about this > wiki entry. I have also broadened the scope of user management to include > people in every context. > > Before I write about user management, I would like to mention some > differences I see between people in the real world and the online world. In > the real world, a multi-lingual person speaks to different groups in their > own languages, i.e. some group members may only understand the groups > language. In the online world, multi-lingual people (correct me if this > assumption is wrong) are happy to receive content in different languages as > a single (activity) stream. However, the "mono-lingual" people only want to > see the multi-lingual posts of their language and for this reason websites > stream content based on language, e.g. en.wikinews.org, de.wikinews.org, > en.ogmaciel.com, pt.ogmaciel.com. Does this mean multi-lingual people should > have a different username for each language for the benefit of their > "mono-lingual" audience? > > In the real world, when an activist says something controversial this may go > unnoticed by most of their friends through the anonymity of the real world. > Even those friends present at the time could have been surprised by the > activists comments, but being human they may forget over time. However, in > the online world there would be a permanent record of the activists comments > - the internet never forgets. If the FBX is to accommodate this need, should > the FBX manage two domains, one for personal usernames and one for activist > usernames? Can you have 2 domains on the same IP address? > > Below are the existing Glossary entries > > Owner(s): Administrative account on the FreedomBox. > > User(s): refers to system user, which would be the login used to connect to > a FreedomBox account. > > Identit{y,ies}: refers to a virtual (or service) identity. > > I would like to propose the following glossary entries; > > *Owner* > The FBX Administrative Account > > *Local* > One or many Local Area Network user accounts. Each Local has system user > login access to a FBX. > > *Username* > One or many username's (usern...@domain.tld) per account. Should there be > one username per language? > > *Profile* > Profiles can be based on relationships and language. Profiles are used to > control the release of personal identifiable and personal information. > > *Contact* > Address book of Local. > > *Guest* > One or many contacts with Guest login access to the FBX. A Guest account is > required to store your friends backup or for friends who only have an email > address, i.e. no social network account. Each contact is associated with a > profile through a defined relationship. > > *Circle* > Lists of contacts. There will be lists for relationships which will be > automatically updated when there is a new Guest. There can be custom lists > with contacts and/or guests (guests are a subset of contacts). > > *Group* > Private (invite only) and moderated and public forums/conferences for > members > > *Member* > Public access to Group login on the FBX > > *Subscriber* > A "follower" of the public stream > > The existing *features* are listed below > > The User/Identity management must enforce privacy and avoid leaks of > informations. > > Users/Owners of a FreedomBox should be able to have several Identities. > > Identities must not be linked publicly to a User. > > Identities or Users may not be linked to a Legal Name. > > Identities should be able to use several services, not always hosted on the > same FreedomBox. Thus there should be a way to publish this information, > either publicly or privately. > > There must be strong ways to authenticate an Identity as well as a User. > > There must be strong ways to verify a Identity ownership. > > I would be grateful if somebody could explain bullet point 5 and the last > bullet point. I would also like to propose "identity" in the feature list > above be replaced with username, a label more familiar to users. I would > also like to propose the "Using GNUPG" section be replaced with "Security". > > Some of my glossary entries seem a bit long and I am wondering should some > of the glossary characteristics be listed as a feature. I also wonder where > should I place the scenarios described above - should I add them to the user > stories wiki entry? > > If people agree with broadening the scope of the entry I would like to > rename the wiki entry to user management. All feedback is welcome.
Nice wrap up. This might be helpful too http://www.w3.org/2005/Incubator/socialweb/XGR-socialweb-20101206/#Terminology The report from December last year, was several years of study of the identity landscape, invited experts from pretty much every major group had input and gave presentations. > > -- fiftyfour > > > > > > > _______________________________________________ > Freedombox-discuss mailing list > Freedombox-discuss@lists.alioth.debian.org > http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/freedombox-discuss > _______________________________________________ Freedombox-discuss mailing list Freedombox-discuss@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/freedombox-discuss