OpenID and Reputation Service

A Reputation Service is a service providing reputation informations
on a given user identity, IP or server.

A Reputation Service implements a Reputation System, which definition can be found here: http://en.wikipedia.org/wiki/Reputation_system

Some Reputation Systems provide access to their database by exposing web services.

An example of reputation service platform is http://www.karmasphere.com.

OpenID implementations can be integrated with a Reputation Service to grant an improved user security.

As shown by the following pictures, there are two main integration scenarios for a Reputation Service in the OpenID context:

1. Provider side: an OpenID Provider uses a Reputation Service to report the level of reliability of Relying Parties its user requires to access during
   setup session. It can even reject the login request.
   
   
   



2. Relying Party side: a Relying Party uses a Reputation Service to verify the level of reliability of a OpenID Provider, providing feedback to the user or even deciding to reject the authentication request.
   
   

The third kind of interaction, not considered in this context, is when the user accesses the catalog of a Reputation Service by himself.

Wiki section on Identity Pages

The concept of Wiki doesn't need presentations.

The conceptual idea discussed in this post is the possibility of defining an editable section on the user identity Page, a simple Wiki area.

The Wiki section is just a subset of the content of the entire page, this because the contents of the Identity Page related to declaration of the authentication protocol and the section related to the user data must be unmodifiable by users to guarantee a good level of security and robustness of the system.

The immediate advantages are obvious: the Identity Page will become the baricenter of the user identity, anything that can be represented as a link and embedded in a HTML page, both static or dynamic scripting, is a candidate content of the Wiki Section.

Tipical contents would be:

• link User blog


• link to photo album


• link to social network profile

Expose your FOAF profile!

Still working on Identity Pages.

FOAF stays for Friend Of A Friend, and it is a RDF machine-readable format used
to describe people, activities and relations with other people and resources.

FOAF can be used to describe yourself, friendship, workmate relationship, relations with web entities, etc...

FOAF allows to describe a Social Network without the need to have a central database, in fact every FOAF resource links other resources
distributed over Internet.

More infomations about FOAF here.

Why adopt FOAF?

Main search engines (Google and Yahoo to begin) have started a series of standardization
activities to enable interoperability among Social Networks, ( see SocialGraph).

On the point of view of our Customer, we're dealing with a large pre-existing Community
that has been recently enabled with OpenID profiles and relative Identity Provider service.

We are evaluating the possibility to expose FOAF profiles through user Identity Pages. The FOAF document would be dynamically generated
to represent the interconnections of users inside the Community.

The exposition of the FOAF document would be declared as service of a Yadis manifest.

Yadis is a Service Discovery System allowing Relying Parties (aka identity consumers or membersites) to determine automatically, without end-user intervention, the most appropriate protocol to use for authenticating a user and exchanging data.

To have an overview see: what is Yadis

Microformats in your Identity Page

Microformats

In these days I'm evaluating the impact of adding Microformats in Identity Page
for a OpenID provider implementation developed for a big Italian Company.

Microformats, (abbreviation µF) is an approach to semantic markup meant to reuse
existing HTML and XHTML tags to express metadata.

This approach allows to identify and process in a fully automated way informations intended for final users(business cards, geographic coordinates, calendar events and so on).

Although web page content can be already processed in a fully automated way, Microformats are intended as a bridge to semantically connect data.

Data expressed with Microformats is enabled to be read in a unambiguous way by
browsers and search engines.

Version 3 of Firefor and version 8 on Internet Explorer support natively Microformats.

To know more about Microformats I suggest you Microformats

Integration of Microformats in OpenID identity Pages has a very low impact,
in fact it is just to decide what information expose and then rearrange the HTML page layout.

Considering the kind of data found in an Identity page, the first Microformat cames me to mind is the hcard.

Enabling an Identity Page with hcard will allow you collect personal information data of people you know just browsing it.

Let we start!

This is the first post of my blog on OpenID Tech Ideas.
The purpose of this blog is to collect a set of ideas around OpenID and its strictly related arguments: Social Networking, Security aspects, Multiple Identity Management and so on.
The expected target is to attract a critical mass of people discussing on these ideas and creating something new.

Let us try now...