[foaf-dev] [Fwd: [FriendFeed] Re: FOAF tweaks]
Julian Bond
julian_bond at voidstar.com
Sat May 10 16:05:12 BST 2008
Simon Reinhardt <simon.reinhardt at koeln.de> Fri, 9 May 2008 17:35:01
>I think the FOAF community isn't taking privacy serious enough yet. So
>it can't be bad to repeat this discussion until they do. ;-)
>bblfish's initiative on secure and identity-based access to FOAF data
>is a good step in the right direction.
Yeah, well we keep circling round this. The thing is there's two
diametrically opposed use cases and user views. The first is "find my
friends who are already here" allied to "Use the web for personal
publicity." That approach assumes openness and the ability to do
matching across different sites. The second is "let me use a specific
site in relative anonymity".
>Julian Bond wrote:
>> Richard Cyganiak <richard at cyganiak.de> Fri, 9 May 2008 15:01:25
>>> mbox_sha1sum is like an “identity fingerprint” that can be
>>>tracked across the Web. Users will be surprised that sites publish
>>>such a fingerprint.
>> Which is of course, exactly why it's useful. And no matter how many
>>times I say "if you want to keep your identities separate, don't use
>>the same identifier, people will still do it.
>
>That's the point: people don't know about that. And explaining to them
>is difficult. And then you have to decide whether you want to make such
>a feature opt-out or opt-in.
Like I said. Offering a switch, defaulted on, as to whether you want to
publish FOAF and respecting other privacy switches so that no data is
published in FOAF that isn't also published in world readable HTML seems
to work. And that isn't that hard to explain.
>Probably. I don't think it's good to publish the OpenIDs people use to
>login or post on blogs either. When you publish an e-mail address,
>there are two bad things about it: you can be spammed and stuff can be
>related to your identity. When your OpenID gets published, you cannot
>get spammed, but the other problem still remains.
Increasingly as people use OpenID delegation, their OpenID *is* their
home page. I really don't see the problem.
>Among British and American people though I don't observe this that
>much. I just hope that Scott McNealy's "privacy is dead - deal with
>it!" isn't a common view. :-P
Back to my comments at the start. One group of people relish the
publicity. Lack of privacy is not a problem for them because they want
to be public. The opposite group of people want to be able to post on
the web and retain anonymity. That can be done if you really work at it.
Scott's comment takes aim at the naivety of the middle ground. The
people who think they can take part in public forums while retaining
privacy and are then surprised when they are actually public and not
private.
Back to the original issue. FriendFeed adding mbox_sha1sum to their
FOAF. My view is that mbox_sha1sum is good enough obfuscation to get
over most of the objections to posting mbox. And in practice it works
well enough with not much downside. I'd like to see included.
--
Julian Bond E&MSN: julian_bond at voidstar.com M: +44 (0)77 5907 2173
Webmaster: http://www.ecademy.com/ T: +44 (0)192 0412 433
Personal WebLog: http://www.voidstar.com/ skype:julian.bond?chat
Do Not Expose To Heat
More information about the foaf-dev
mailing list