Re: [hackers] Deanster run at DFA
On Mon, Jul 28, 2003 at 12:50:34PM -0700, Joshua Koenig wrote: > > Except that if you run the auth, then all sites have to be approved and > > vetted... or have I managed to completely misunderstand this whole > > thread, > > Zack? > > Well, it's debatable what it means. From my perspective it would just > be independent sites -- could be any site online -- deciding they can > trust DFA for login data. I'll go with whatever Howard's wonks want to > do. It's not a critical piece. Apparently I *did* misunderstand Zack; I thought he was asserting that that was the case. Rough time with English this month, I guess... :-} Cheers, -- jra -- Jay R. Ashworth[EMAIL PROTECTED] Member of the Technical Staff Baylink RFC 2100 The Suncoast Freenet The Things I Think Tampa Bay, Floridahttp://baylink.pitas.com +1 727 647 1274 OS X: Because making Unix user-friendly was easier than debugging Windows -- Simon Slavin, on a.f.c
Re: [hackers] Deanster run at DFA
Just catching the tail end of this, but we're fully planning to run deanster, I've got the server space planned, and I'm looking to hire for someone to administer. So all we're doing is making sure its designed in a way we can manage. There's a lot of projects we're going to build on this, and it runs off our main database (we'll be sending out email asking folks to register additional info to fill out deanster profile). This is one that we're completely committed to -- and it would be silly to set up rival deansters off site! Except that if you run the auth, then all sites have to be approved and vetted... or have I managed to completely misunderstand this whole thread, Zack? Well, it's debatable what it means. From my perspective it would just be independent sites -- could be any site online -- deciding they can trust DFA for login data. I'll go with whatever Howard's wonks want to do. It's not a critical piece. -j
Re: [hackers] Deanster run at DFA
On Mon, Jul 28, 2003 at 01:44:44PM -0400, Zephyr Teachout wrote: > Just catching the tail end of this, but we're fully planning to run > deanster, I've got the server space planned, and I'm looking to hire for > someone to administer. So all we're doing is making sure its designed in > a way we can manage. There's a lot of projects we're going to build on > this, and it runs off our main database (we'll be sending out email > asking folks to register additional info to fill out deanster profile). > This is one that we're completely committed to -- and it would be silly > to set up rival deansters off site! Except that if you run the auth, then all sites have to be approved and vetted... or have I managed to completely misunderstand this whole thread, Zack? Cheers, -- jra -- Jay R. Ashworth[EMAIL PROTECTED] Member of the Technical Staff Baylink RFC 2100 The Suncoast Freenet The Things I Think Tampa Bay, Floridahttp://baylink.pitas.com +1 727 647 1274 OS X: Because making Unix user-friendly was easier than debugging Windows -- Simon Slavin, on a.f.c
[hackers] Deanster run at DFA
Just catching the tail end of this, but we're fully planning to run deanster, I've got the server space planned, and I'm looking to hire for someone to administer. So all we're doing is making sure its designed in a way we can manage. There's a lot of projects we're going to build on this, and it runs off our main database (we'll be sending out email asking folks to register additional info to fill out deanster profile). This is one that we're completely committed to -- and it would be silly to set up rival deansters off site! Z Zephyr Teachout Internet Organizing & Outreach Dean for America [EMAIL PROTECTED] Meetup at http://www.deanforamerica.com/meetup Get local at http://action.deanforamerica.com Contribute at http://www.deanforamerica.com/contribute -Original Message- From: Joshua Koenig [mailto:[EMAIL PROTECTED] Sent: Monday, July 28, 2003 12:26 PM To: zachary rosen Cc: [EMAIL PROTECTED]; Zephyr Teachout; Jon Lebkowsky; Ka-Ping Yee Subject: Re: [hackers] Privacy control for profiles >>> We talked about this with Zephyr, and the deal is - if DFA run >>> Deanster >>> then it cannot handle Authentication for the Nodes or they would have >>> to >>> be vetted by DFA (ie official) so I don't think this is possible. >> >> What about the opposite direction? Can unofficial nodes act as >> single-signons for Deanster? All this implies is that Deanster will >> trust an external source for identity validation, a necessary >> component >> of any distributed identity framework. To put it another way, how is >> this different from Deanster accepting MS Passport validation? > > I don't see any problem with the opposite direction. THere shouldnt be > any bad implications of Deanster using trusted node logins that I can > think of. The issue with nodes using Deanster logins is that - if the > nodes authentication is "controlled" by "official" DFA services, then > the > nodes must become official / vetted as well. This make sense? It does make some sense. I think it's a little over-cautious (e.g. MS doesn't have to "endorse" every site that wants to use Passport) but it's not that big a deal. Having it work by allowing local Nodes to be trusted sources for identity is probably better anyway. More of a foundation for distributed architecture. cheers -josh