February 14th, 2007


Ballots and Elections "Security"

The King County Elections folks have sent me a form to update my signature on my voter file, because the Seattle March special election is going to be entirely by postal mail. And they want to make sure that my signature is up to date, in order to verify my ballot.

Let's see. They postal mail me a form to this address, ask me to make a template signature, that I am to postal back to them, so that they can postal mail me a ballot, that I can fill out, and sign the wrapper, and post back to them. And to verify that I am really me, the registered voter, they will compare the signatures. Which they got via postal mail from the same address they sent the ballot to.

Are they really that stupid, or do they think that we are? Are we?

Excited about OpenID

At the Vancouver PHP Conference this past weekend, and then again last night at Ignite Seattle, there were presentations on OpenID.

OpenID is probably the coolest pieces of net "infrastructure" tech I've seen in a year. I'm really excited. I'm looking at places I can help advance the tech, projects I can plug it into.

I've started burbling it to everyone I know who has the geek chops to understand it.

For you non-tech folks, here is what it means. For every site that is OpenID enabled, you don't set up a password there. Ever. You just plug in your OpenID, and go. First thing each morning you will have to login to your OpenID provider.

A neat part of the tech is that some big company can't just be the central "Big Brother", anybody can be your authorizer, and it just works. One of the biggest authorizors right now is LiveJournal. So any OpenID enabled site, I can put "fallenpegasus.livejournal.com" in as my id, and go. Or I can install MyOpenId on a webserver somewhere, and use it. And because I've put a couple of "magic text" in the <head> of my homepage, I can just use "http://mark.atwood.name" as my id. There is a proposal to use something that looks more like a username.

Moz, FF, and IE will magically it even easier in their new versions. They will notice OpenID login boxes, and pop open a widget that will just let you select one, to save typing.

An excellent detailed howto on how to setup your own pages is here, at OpenID for non-SuperUsers. If you have your own HTML "homepage", and/or have access to a PHP enabled "home webserver", I recommend it to you highly.

The only real problem right now with OpenID is that there are actually more sites that will provide an id than will use one. But that will change. Work is underway to plug this into MediaWiki/Wikipedia, into WordPress and the other OSS blog systems, into things like bbPHP and Gallery2, and into Slash.

I'm looking myself at plugging it into Jabber and into PAM.