Expert Texture Home Contact me About Subscribe Digipede Connect on LinkedIn rwandering on Twitter rwandering on FriendFeed

The blogged wandering of Robert W. Anderson

Digital Signatures != Notary Public

I am in the “pro email encryption” camp. If encrypting all email communications was easy enough, I would do it. I won’t get into “easy enough” here, but the issue is really about encrypting for a particular recipient, most of whom don’t care about encryption in the first place. I used to routinely digitally sign my emails as well, but stopped doing that for the same reason — most recipients didn’t know what to make of it.

Anyway, I’m coming to this topic now indirectly because of Google’s new “End to End” product / plugin / stance.   Sounds cool, and I’m sure I’ll check it out.

In A World without Hearsay, Jon Udell tackles the question of why he used to digitally sign his emails and then discusses an argument made by Yaron Goland in a post with a very long title: Why Google’s support of PGP Mail might not be such a brilliant idea – Or, why I don’t like digital signatures for social networking and how Thali addresses this

In that post, the author likes digital signatures to a roving notary public:

A digital signature is intended to be an authenticator, a way for someone other than us to prove that we did/said something. When we use digital signatures for momentous things that should be on the public record, like mortgage documents perhaps, then they serve a good purpose. But with PGP Mail we suddenly sign… well… everything[2]. It’s like having a notary public walking behind you all day long stamping every statement, note, mail, etc. as provably and irrevocably yours.

I don’t think we want such records to exist. I think we want a much more ephemeral world where the bulk of what we do just quietly vanishes into the ether leaving as little of a trail as possible.

I completely agree that we would be better off in a more ephemeral world, but the notary public analogy is completely wrong.

A notary public does in fact record (in a physical record book) every action, along with a physical signature and a fingerprint (noting that the specifics may differ across jurisdictional boundaries).  Signing one’s own email does no such thing.  It does not create a record, and does not make cause the email to become more permanent than it was without a signature.

It may be harder to deny that you wrote it; however, the more automated (or easy) it is to make such signatures, the less likely that such emails will have any weight over a non-signed email in a court of law.

To be clear, I’m not harshing on Thali — I have no opinion on that right now — I just don’t think the signature/notary argument has merit.


Tags: ,

Voting for the OpenID Board voting closing on Christmas Eve, there is just over a week left to vote for the OpenID board.  Personally, I have been meaning to join the OpenID foundation for some time.  Having the opportunity to vote for the incoming board pushed me to finally do it.

Although I really like OpenID, I am critical of it.  Why?  Because trust is not baked-in. 

This makes it hard for a Relying Party (RP) to determine if an OpenID comes from a trustworthy Identity Provider (IP).  I believe this is the fundamental roadblock to the big services becoming RPs.  My eyes roll to the back of my head whenever I hear users criticize services for not accepting arbitrary OpenIDs. (More here: OpenID and the Relying Party Patchwork).

This roadblock is a problem for the OpenID technologists to solve. 

The confused users is another problem altogether.  While I am a bit skeptical of the motives behind demanding OpenID adoption without solving this trust problem first, OpenID does have a real problem with an inaccurate market perception. 

So, I decided to vote.  There are 17 nominees and each member gets 7 votes.  I have not decided who I will vote for, but my votes will go to those who see these as top priorities of the foundation.  I am mainly basing my votes on the candidate statements ( for members).  If you aren’t a member, you can see the complete list of nominees at ReadWriteWeb

Tentatively, here are my yes votes . . .

  • Nat Sakimura:  He lists Trust relationship and reputation as barriers to adoption.
  • David Recordon:  Unfortunately, aside from his obvious credentials he doesn’t say what he thinks are important for the foundation.  He has probably written this elsewhere — I’ll have move past his statement.
  • Same for Joseph Smarr and Scott Kveton
  • Johannes Ernst: He talks about “mainstream sites” and relying parties, not just users.
  • Chris Messina:  I respect his work and certainly like what he says about usability — he doesn’t mention relying parties though.

What am I missing (besides a 7th vote)?  Am I wrong about the priorities?  Should my votes go elsewhere? 

Tags: ,

Meeting Notes #1

On the phone with Steve Gillmor this morning talking about, among other things, Plan B

Here are my notes:


Tags: , ,

Twitter and Verizon

Update 2:If you reading this (mild) rant, don’t. Nothing to see here. This all works fine. See updates on the bottom, if you are so inclined.

Twitter is cool.  But is it fun enough for me?

The Twitter page says:

Twitter is more fun when used through your mobile phone or instant messenger client. Set yours up!

I tried to.  And I tried again.

It turns out that Twitter doesn’t talk to Verizon.

This fact doesn’t warrant a mention on the setup page, nor in the Help, and not even in the FAQ.  Nowhere does it say this — mostly nowhere, it is mentioned in some Twitter feed.

So — I’ll just make an outlandish claim here — a whole bunch of people have entered their text number only to find it doesn’t work.  Then these whole bunches of people tried again.  And then, third time’s a charm?  Nope. 

I can understand not leading with your weaknesses, but not mentioning it at all? 

I’m not complaining that it doesn’t work with Verizon.  I know messaging between the U.S. wireless carriers is a crapshoot — my problem is that the Twitter pages don’t mention it.

C’mon Twitter, your app is cool, but have more respect for your users.  That alone will make it more fun for me.

Update: Crystal from Twitter says (very politely) that I’m wrong about Twitter and Verizon. I’ve contacted Twitter support to get it worked out. My fault for not contacting Twitter first — and now I can’t locate the feed that mentioned problems sending SMS to Verizon. It was probably outdated, after all.

Update 2:This all works fine. I made an assumption about the process. All my fault.

Tags: , , , ,

SaaS Lighthouse Program Flickers

From Don Dodge: Microsoft has unveiled the Microsoft SaaS Lighthouse Program.

This program is designed to help SaaS startups with licensing, technical, and marketing assistance.

I have been talking about this hole in Microsoft Partner Programs for sometime — a little on my blog, but mostly in person to Robert Scoble, Sam Ramji, John deVadoss, and many others. Pretty much every Microsoft person I meet. Microsoft has a good program (called Empower) to help the ISV startup and has, up until now, really had nothing for the SaaS startup. Why is the SaaS startup important? Because Web 2.0 companies are essentially all SaaS startups. Why are Web 2.0 companies important? If you don’t know, well . . . stop reading here.

It is obvious that Microsoft is trailing in the Web 2.0 community — this is embodied in the negative perception of Microsoft I found at a TechCrunch party: “anti-Microsoft” is a buzz word?. Most Web 2.0 startups are making use of free tools to build their sites and view Microsoft’s products (primarily Server 2003 and SQL Server) as being too expensive. While the productivity gains attained using these tools trumps licensing costs, Microsoft still needs programs that will help the adoption of their technology in SaaS startups.

Unfortunately, this program isn’t it.

You see, to get into this program, your company must have venture funding. A few problems with this:

  • A venture-backed company can afford the licenses and training. Period.
  • A Web 2.0 startup doesn’t start with venture money. In fact, very few startups begin with venture. So, the Web 2.0 startup gets no help from Microsoft until after VC? Kind of obvious, I know, but the startup has probably already built a service and released it before they get serious interest from a VC.
  • The venture clause is likely a way for Microsoft to get external validation that the startup isn’t wasting their time and money. OK, but that is no way to increase adoption.

Now, I cannot claim that the purpose of this program is to help Web 2.0 startups (or to increase adoption of Microsoft techologies).

Just to be clear: it doesn’t.

Tags: , , ,

Search SIG: The Search for Attention

I’ll be at the SDForum Search SIG tonight: The Search for Attention. Jeff Clavier (the SIG chair) has a post about it here.

Steve Gillmor is hosting the panel discussion with Dick Costolo, Gabe Rivera, David Sifry, and Seth Goldstein.

Steve will be talking about GestureBank — I’ve been teaming with him on its architecture — his presentation will precipitate much interest and discussion.

If you are there, look me up.

Tags: , , , ,

Ray Ozzie’s Web Clipboard

Similar to his post on SSE, Ray Ozzie’s post on Wiring the Web has generated a lot of chatter.

I see this as really two things:

  1. Solving a major usability problem in Web applications: unbearably limited copy and paste. While we take this for granted in our client applications, we have all gotten by without it in Web applications for way too long. In and of itself this is a big deal.
  2. Then, what I think is the actual big deal: a Web demonstration of something else that most of us have probably ignored outright: the L in OLE (i.e., linking). Sure, this works in our client applications (though I think many of us abandoned its use a long time back), but working between applications anywhere on the Internet? Very powerful. And yes, RSS will already allow us to subscribe and fetch data into our aggregator. But coupling microformats with RSS and a simple link-pasting mechanism gives us (and even the “average” user) so much more.

I wonder how many people are surprised that it ends up being Microsoft that comes up with something like this. This is real Web 2.0 innovation, yes, but also interesting is that it can remove a key usability advantage that smart-clients have over browser UI. Ironically this helps close the gap between the BUI and the GUI (and we know which one wins this fight when the gap is gone). Now, I really wish I was going to Mix06 — maybe there will be more up their sleeves. BTW, I like the fact that Microsoft is working with Dave Winer on these ideas (OK, maybe it is just Ray Ozzie doing that, I don’t know).

Marc Cantor says he loves the Web Clipboard here. I almost misquoted him as saying it was “coolio” — seemed like a safe bet — anyway, it layers well on his work with microformats.

Adam Green asks if Windows is relevant in a Web 2.0 world? He wonders if part of Mr. Ozzie’s motive is to make Windows still relevant. Certainly a valid question; however, the interop that the screencasts show between the OS and the Web may depend on Windows in this implementation (and specifically the Windows RSS Platform), but the underlying architecture does not. It is just XML. So is the question really: is the desktop OS relevant in a Web 2.0 world? Undeniably, yes. I, for one, would like to see the OS vendors fight for their customers on features and not using lock-in. This sounds like a feature, not a lock-in.
Jim Benson uses Mr. Ozzie’s effort of an example of how . . .

We are moving beyond push-blogging to actually sharing information. It’s beyond pull as well. The read write web may well be the push pull web … and all points in between.

I was having this same thought driving home today — though we all have to help make this happen by engaging in microformats and Web Clipboard adoption (otherwise we may end up with a push-me pull-you Web 😉

I’m up for it.

Tags: , , , , ,

TechCrunch 5

Had a great time at Mike Arrington’s party last night, TechCrunch 5.

These parties are on an upward trajectory (I wrote about the previous one here). Last time there were boxes of pizza strewn about; this time there was catering — some of the food was quite good. Last time it was very cold in the backyard; this time there was a tent. Last time it was pretty full; this time it was absolutely packed. Next time, I think Mike is going to have to get an even bigger tent.
Anyway, thanks to Mike and Robert Scoble for the great time. I see in the pictures that Robert and Shel Israel took off their shirts for a photo (I missed that). Here are the Flickr photos. Even better, Robert’s Dad was there. And of course Patrick Scoble was also there. Robert’s dad must be very proud of his son / grandson.

Some people I talked to:

  • I ran into Nima Dilmaghani, a developer evangelist at Microsoft. I did a double-take when I saw him, because I don’t usually see Microsoft people at these events. He has the right approach to .NET evangelism: he doesn’t claim it is the right answer to every problem, but can knowledgably explain the relative benefits of the platform in an honest way. Note that link is to his empty WordPress blog — I’m hoping that will shame him into getting his blogging going 😉
  • I also talked with Ramana Kovi of ePlatform; look for their launch soon.
    Keep your eye on Kevin Burton’s Feed Blog. Word has it he was chasing a scoop last night; I don’t know what it was.
  • I talked a bit to Andrew Bunner, Director of Engineering of Rojo. He demonstrated some of the new features for me. I asked him about the AttentionTrust and its principles; particularly about principal #2, Mobility (we’re looking into that). In talking to him, though, I think that there is still a general misunderstanding about the AttentionTrust. It is about the 4 principles and the mission. That’s it. The ATX (attention recorder) allows you to store locally and / or provide data to services (one right now, ROOT). Using it isn’t in any way a requirement of the AttentionTrust’s principles.
  • I saw Zach Coelius again, his company Triggit is coming along. I realized he reminds me of my best man, David Shaw.

And many others, too. A splendid time for all, methinks.

Tags: , , , , ,

Why Web2.0 is a natural for the Mac crowd

I generally use Microsoft Windows and I mostly use desktop apps.

I have to admit: I often get annoyed with Web-based UI. Even that with the slickest use of AJAX. Even with WordPress, the application I am using right now.

And what is my problem?

  • Losing my form data if I hit the backspace at the wrong time?
  • Managing application-related pop-up windows?
  • Discerning what some little non-standard icon means?
  • Actually getting my mouse over that tiny icon?


It is that the right mouse button has nothing to do with the specific page I’m on. Occasionally I find myself right-clicking and going “doh, this isn’t a Windows desktop application.” I miss having context-related options available with a right-click of the mouse (and no, I don’t just mean “copy this link”, etc.).

Of course, until recently, the Macintosh had no right mouse button. Or left button for that matter. Just one.

So all these Macintosh users look at the Web applications (Web 2.0 or not) and they are much like Macintosh desktop applications. See a button: click on it. See a menu. Click on it.

This limitation we Windows users perceive in browser-based apps just isn’t there for Mac users.

So Microsoft, and Robert Scoble in particular, I think you guys might be missing this point regarding Web 2.0. If you want to get more involved in Web 2.0, forget Live and Office Live; instead, start shipping single button mice. I know it might seem like a me-too mid-1980’s strategy, but you never know.

Tags: , , ,

Getting Better: Berkeley Bloggers Dinner #2

Last night, Dave Winer held the Berkeley Bloggers Dinner #2.

I had a good time and as usual met several new people. At one point, Dave got up and talked a little about his past, his current plans, and asked the group what they wanted to do with these dinners. Meet and eat? Maybe work on a project? I heard later that he hadn’t wanted to get up and talk, but I know that several of us appreciated hearing him give some perspective on why he is arranging these dinners and what he is up to.

In terms of logistics, I think it worked a little better than the last dinner. People were able to move around which is a good thing. The downtown location is good (barring the Cal / Stanford basketball game which affect traffic). The large round tables were a little strange and the karaoke music was a bit loud at times. I dropped enough hints about singing at the karaoke bar, the clearly no one was up for that. 😉
Unfortunately, the attendance was low. Dave had planned in advance with the hotel for a certain number of people to cover a buffet. When people don’t show, someone gets stiffed. We all pitched in more money (at least I hope we all did), but I suspect that Dave got stuck with the balance.

Thanks to Dave for arranging the dinner — I know this is a real value to many people. I hope that the experience with the hotel doesn’t put him off to do more of these. I do think that this dinner was better than last.

Thanks to Tom Conrad for the beer. It is a little known fact that we members of the CTOs of Oakland Startups Club have this understanding about buying the round — I’ll get the next one.

I enjoyed chatting with Enric. Let me know if you want to try out the Digipede Network.

I met Shannon Whitley again. Since meeting him several months ago, he has started blogging. He took exception to some arguments that were made last night regarding technology and change. He may have misunderstood where I was coming from — enterprises cannot throw their investments in the lake; many businesses are five+ years behind the technology curve and that is actually OK.

I enjoyed some banter with Steve Gillmor over Windows, IE, and the Beatles of all things. He is a challenging adversary on the latter topic — he trumps my trivia knowledge considering he actually saw them perform.

And now I’m 3 for 3 in meeting someone who uses FreeBSD at one of these events.

Tags: , ,

Next entries »