OpenID seems to be gathering a lot of momentum, and with good reason.
Educause is tracking its progress in academic settings as a way to
simplify identity management.
http://connect.educause.edu/wiki/OpenID
Combined with OAuth or other authentication systems, it seems like a
good solution which approaches the goal of a single signon.
On Jan 25, 2008 3:25 PM, Stephens, Owen <o.stephens_at_imperial.ac.uk> wrote:
> It depends on the level of security you want, but OpenID would be a good way of providing users with a single authentication for multiple sites (and Flickr/Yahoo IDs are now going to be OpenIDs) - perhaps something for LibraryThing, and other SNs to look at?
>
> Owen
>
> ________________________________
>
> From: Next generation catalogs for libraries on behalf of Tim Spalding
> Sent: Fri 1/25/2008 7:15 PM
> To: NGC4LIB_at_listserv.nd.edu
> Subject: Re: [NGC4LIB] pandora [privacy]
>
>
>
>
> You can, of course, embed the sign-in within another site. But you would
> need a separate sign in.
>
> How can we ask users to do that? By making a service that's interesting
> enough to use. The average teenager today has dozens of accounts at dozens
> of sites. Want a widget on your blog? Sign in here. It's unfortunate in some
> sense, but separation is also a good thing insofar as it embeds privacy by
> default. This is why drivers licenses no longer use social security numbers.
>
> It's also not always necessary to require sign-in immediately. Lots of
> social sites allow you to things before you make a commitment to join.
>
> You can think of that as a pointless extra step, or as the thing that keeps
> somebody in library administration or, as I suspect it will go, SirsiDynix,
> from having the addresses of everyone at your school who reviews gay
> literature. Think social networking in libraries is hard sell now? Just wait
> until someone abuses the data.
>
>
> T
>
> On 1/25/08, Chris Barr <christopher.barr_at_villanova.edu> wrote:
> >
> > This is way too much to ask from our users. How can we practically say
> > to our users:
> >
> > "Okay, here is our website. If you want to use this cool widget you need
> > to go over to this site and sign up for a screen name with your email
> > address, etc. And if you want this other feature you need to go over
> > here..."
> >
> > Now maybe I am not quite understanding what you are saying, but how many
> > ways can we ask our users to login? Quite seriously, at most
> > universities asking them to login with their ldap account is enough. If
> > we need to create screen names to protect anonymity we don't need to
> > send them offsite to an external company to do so, surely it can be
> > separated intelligently within our own system.
> >
> > For example, with Flickr I have a screen name, but to login I use a
> > Yahoo ID. I use the same Yahoo ID to login to Yahoo Answers for which I
> > have a different screen name.
> >
> > I'm sorry, I love Library Thing, del.icio.us, last.fm, etc, but I don't
> > want to require users of my website to register with them in order to
> > fully access features on my site.
> >
> > --chris
> >
> >
> >
> > Tim Spalding wrote:
> > > That's why you want LibraryThing to run your SN for you!
> > > No, seriously, whether it's LibraryThing, another company or a separate
> > > non-profit library thing, I believe in security through separation, not
> > > trust. If the data can be connected, it will. If you don't have the
> > data,
> > > you can't use it.
> > >
> > >
> > > Tim
> > >
> > > On 1/25/08, B.G. Sloan <bgsloan2_at_yahoo.com> wrote:
> > >
> > >> Interesting idea. But I think that as long as libraries run social
> > >> networking systems there will be concerns about privacy, even if the SN
> > is
> > >> decoupled from the library systems.
> > >>
> > >> Bernie
> > >>
> > >> Tim Spalding <tim_at_LIBRARYTHING.COM> wrote:
> > >> Here's a solution I want: Completely decouple library systems from
> > >> social
> > >> networking systems.
> > >>
> > >> This is, of course, what LibraryThing for Libraries has to do as we
> > move
> > >> in
> > >> this direction, since we don't connect directly to the ILS, but I also
> > >> think
> > >> it makes sense ethically.
> > >>
> > >> Libraries know "real" stuff about their patrons-addresses, for example.
> > If
> > >> the SN is decoupled and asks no personal questions, you're left with
> > >> screen
> > >> names or whatever, with no way to get to the other stuff.
> > >>
> > >> Tim
> > >>
> > >> On 1/25/08, Eric Lease Morgan wrote:
> > >>
> > >>> On Jan 25, 2008, at 12:19 PM, Chris Barr wrote:
> > >>>
> > >>>
> > >>>> My question that I keep coming back to is: How do we
> > >>>> provide feature-rich social networking functionality
> > >>>> in our applications without undermining privacy?
> > >>>>
> > >>>
> > >>> I can think of a few of solutions to the privacy issue:
> > >>>
> > >>> 1) Let people opt in; alert people that social networking
> > >>> practices reduce a person's privacy. Allow people to choose, "Yes,
> > >>> others can see my stuff."
> > >>>
> > >>> 2) Never associate things like tags with individuals other than
> > >>> the authenticated user. "Here are my tags. Here are other people's
> > >>> tags, but I don't know whose."
> > >>>
> > >>> 3) Ask ourselves, "To what degree is it the librarian's job to
> > >>> protect people's privacy versus educating people about privacy?" In
> > >>> some way our professional ethics are in impediment to creating
> > >>> services our users increasingly expect.
> > >>>
> > >>> --
> > >>> Eric Lease Morgan
> > >>> University Libraries of Notre Dame
> > >>>
> > >>>
> > >>
> > >> --
> > >> Check out my library at http://www.librarything.com/profile/timspalding
> > >>
> > >>
> > >>
> > >> ---------------------------------
> > >> Be a better friend, newshound, and know-it-all with Yahoo! Mobile. Try
> > it
> > >> now.
> > >>
> > >>
> > >
> > >
> > >
> > > --
> > > Check out my library at http://www.librarything.com/profile/timspalding
> > >
> > >
> >
>
>
>
> --
> Check out my library at http://www.librarything.com/profile/timspalding
>
Received on Fri Jan 25 2008 - 16:53:23 EST