It’s just data

Towards secure comments

From Dave to Ben to Bill to Justin to Eric, an idea is forming on how to do decentralized and secure comments. Stripping away all the implementation details here's the basics as I see them:

I like the idea of validating against something I can find in somebody's weblog. I'd also like to suggest that instead of sending back responses and presuming that the recipient is online, that I merely produce a personalized feed and leave it on my server to be fetched whenever the client desires.

There's a nice idea in there, making the identity part of the user's weblog. I like that.

Posted by Dave Winer at

Pingback from TIG's Corner


I'm gonna go out on a limb here and predict that Dave's solution will not use PGP, REST, LINK, RSS 1.0, RDF, or FOAF, because, respectively, it's overly complex, it's overly simplistic, it requires an HTML parser, it's evil, it's evil incarnate, and it's the fruit of a poisonous tree.

Posted by Mark at

Sam Ruby and Secure Commenting

"Stripping away all the implementation details here's the basics as I see them: * Comments are digitally signed * Recipient fetches proported sender's web page and discovers the key and followup policy * Recipient provides selected comments and or...

Excerpt from at

"Who Am I" -- Self Hosted Identity

A discussion on Sam's blog got me thinking about self-hosted identities. Ideally, I should be able to put together a file, discoverable through my weblog, and digitally signed with my... [more]

Trackback from snellspace


PostBack, TrackBack, through Hell and Back?

It seems some nice traction is building toward using more robust tracking of comments and postings. Will it withstand the simpleton arguments?... [more]

Trackback from Bill Kearney


More on web comments...

Well, lesse here, lots of feedback and thoughts from Friday's FOAF post:Timothy Appnel (via Ben Hammersley's weblog): Why do we need a full MT plugin?Jon Gales: What if someone doesn't have a web site?James Snell: Suggests creating a "WhoAmI" RDF file (with some of the W3C's P3P thrown in for good measure).Sam Ruby: Why not provide a personalized feed? Coolest of all though: Fun with FOAF. It's a Perl module that takes care of most... [more]

Trackback from


Jabber-based FOAF

This post brings up an important point... what if a user doesn't have a Web site? In such cases, FOAF isn't very useful. Perhaps a FOAF-enabled instant messaging client would... [more]

Trackback from snellspace


Fun with FOAF

There's been a lot of discussion lately (Dave, Ben, Bill, Justin) about using FOAF to provide a secure, cross-site identity... [more]

Trackback from Six Log


The Digital ID Federation Myth The key to any federation is understanding who's in it and who's out. The Digital ID federation concept sounds attractive, but doesn't include the customers, whose voice and stake in the game are like American Indians...

Excerpt from Lasipalatsi at

Add your comment