A Universal Roaming Profile?

Arnaud Sahuguet asks: "I have a cell-phone with my phone book, a PDA with my calendar info and my address book. I have my home desktop bookmarks, my work desktop bookmarks, my laptop bookmarks, my PDA bookmarks, etc. They are all mine, but somehow they are not, because they live in different networks (or on the same network but with different operators).Everybody keeps talking about convergence, but I don't see any convergence on the user profile front (data that matters to me). Microsoft is pushing for .NET MyServices, Sun et al. are pushing for Liberty Alliance, Apple is pushing for .Mac. Is it the right way to go?" One of the large major issues surrounding such a system would be implementing it in a way where the user can control the flow of data: where it is stored, when a certain piece of data can be sent, and who is allowed to get it. Sounds like a fine idea to me, what do you all think?

"As a user:

• would you be willing to have your personal profile information stored on the network?
• who would you trust? Your bank, your ISP, your cell phone provider, your company, the EFF, no one but you?
• what kind of guarantees would you require?

I have been struggling with this idea for a while and the best solution I can see is to reuse the Napster paradigm for my generic user profile infrastructure (let's call it GUPster).

Napster is (I should say was) a community of users willing to share MP3 music files, administered by a central server managing meta-data about users and files. I don't know what the exact goal was, but I can see it as a way to free ourselves from the music industry monopoly.

GUPster would be a community of network entities (e.g. servers at Yahoo!, server at SprintPCS, servers at my university, my home machine, etc.) willing to share standardized user profile components, administered conceptually by a central server managing meta-data about entities and components. The goal is to create synergies between network components in order to deploy value added services for the user. (Since I am working for the telecom industry, the goal is to make network operators happy by making end users happier.)

Just like in Napster, my user profile information will be distributed but the meta-data will be centralized (at least from a logical point of view) at the GUPster server. This way, I can decide that my credit card information will be stored at my bank, my calendar information on my Yahoo! account, my game scores on the Sony web site, etc. Network components storing my profile information will have to support the right set of interfaces and protocol and will register to the server the pieces of my profile they are storing.

Note: I will be the one deciding who stores what. Think of it as like moving to a new place. You can choose your electricity, gas, phone, cable and Internet providers.

Applications willing to access any of this information will talk to the GUPster server. And just like Napster, the server will not return data, but referrals (i.e. where this information can be found).

Unlike Napster, the central server will also enforce some access control policies defined by the user (let's call them my 'privacy shield'). If the request for user profile information is not OK (e.g. nobody can access my presence information after 9pm), the returned referral is empty.

Does it sound crazy?"

XNS

[glenstar]

You are looking for something like XNS. There is a company called OneName in Seattle that is working on a solution to do exactly what you want.

What we need...

[rant-mode-on]

... is an open source (preferably) suite that I can run on my PC at home, where I can decide the access controls, and have complete control privacy policy. Ok, so this requires a permanent connection, but that's becoming more and more available all the time.

Check out SyncML.

What you are looking for is a synchronization system (ie. SyncML). Passport and Liberty alliance only store authentication credentials and some basic profile info (ie. your contact info and optionally your credit card info for purchases.) SyncML.org has created an open standard for synchronization of PIM data so that you can have access to all of your contacts, appointments, tasks, bookmarks, etc from any devices or computers you sync with.

P3P

[0x0d0a]

Take a look. This is the first of open standards to control information about yourself.

LDAP for bookmarks, addressbooks, etc.

[Kunta+Kinte]

The poster illustrates the problem with examples such as bookmarks and address books ( which is a different problem than what liberty et. al tries to solve I believe) . These kinds of information can already be kept in an LDAP server and most applications can store and retrieve these from those servers. Outlook does it, mozilla does, ximian does it.

LDAP address book support is relatively mature in most email readers. Check out OpenLDAP for more info.

Single sign-on can also be done via LDAP. Or Kerberos/LDAP if you're so inclined. Netscape NTSych product, the Psynch® product, etc. can be used to sych NT or win2k with an external database. Check out projects such as pgina. There's a free general purpose NT password sync dll available from AcctSync. This DLL is nice, you can catch user passwords and pass them to an arbituary script with the username. This could be a perl script that updates LDAP to a vbscript that updates the coresponding Oracle user, it doesn't matter.

Also, it's simple to store public certs in an ldap server, making it easier to deploy PKI on a budget ( you don't want to know how much netscape and novell charges for this per user, trust me :)

In short, a lot of your problems can be solved right now by running a LDAP server and configuring your applications to rely on it for their datastore. Good luck.

Re:LDAP for bookmarks, addressbooks, etc.

[rixster]

Gotta agree with the LDAP thing. I use to spend hours trying to sync and keep everything in check. Now I have an LDAP database which I can access from the web (via www.horde.org) which integrates with my email (horde again) and also any other imap4 clients I use, like my Mac or PC, or even my Psion now they've finally bought out network drivers for it.
I wrote a coupla noddy data entry screens as well for the ldap server so I can add anybodies email / phone number via a few web pages, I can dump it out as a text format for easy backup (it's human readable too). The only thing I haven't done it figure out how to write WAP pages in a syncML kinda way to replicate back to my mobile - if anyones's done that, I'd appreciate some links.

Bottom line: Go LDAP / IMAP4 for all your email and address and weblink needs. It's a real existing support protocol that just about all clients have to support. I grant you setting it up is a bit of a bitch, but when it's working you'll never figure out why you had so many other disparate data stores again. Promise !!

This was already solved by Netscape

[Dylan+Tynan]

Back in Netscape 4.x days I had my netscape profile roaming across three home computers, and several computers at work. It worked great. You could select certain items to roam ... for example, the actual browser preferences file, calendar entries, bookmarks, cookies, etc. I think it might have even let you roam certificates (but maybe not).

I use Mozilla now and I didn't see the roaming functionality in there on a quick check ... probably in NS 7 though.

You could setup to Roam and store your info in either an LDAP database or on an HTTP server (much easier). You could then use SSL for those of you that are concerned with security to roam. Whenever you exited the browser, if you'd changed something (for example, new bookmark), it would update the central profile location with the new files. Nice feature, there were a couple of point releases where it would get confused and you'd wipe out your bookmarks on one system, but that was not a concern since you ended up with copies of everything on multiple computers.

Note that Netscape's roaming support extended to Unix systems too. It was sweet. Too bad Microsoft's browser monopoly killed it off. We won't see real innovation like that anymore ... instead just MS-bastardized standards designed to get you to purchase more of their software so that it will work together (hah).

A lot of you said people wouldn't store their profile info on someone else's network. Most people would though. Most of you store your email on other people's network right now. In this case, I was using my own colocated server and also ran an IMAP server on it to keep my mail in sync.

The biggest problem they had w/roaming was the lack of documentation. You can go back into newsgroup archives and occasionally run across some poor soul trying to figure out what you had to do on the server. Once setup, though, it worked great.

Good to see that we're now going to try and reinvent the wheel. Of course, this wheel will only work with a Microsoft axle, transmission, engine, and body, and it will cost you every time it turns.

Re:no trust here.

[angst_ridden_hipster]

It already exists. In a number of forms!

Backflip.com, if they're still around, did this as a service.

The Mozilla project has Bookie: http://bookie.mozdev.org/

There's also the beginnings of another shared system:
http://wwwampire.mozdev.org/

Check 'em out!

Re:A better solution

[r3tro]

www.syncml.org

XML-based, designed for n:m devices:servers, strong industry support, but not yet any consumer products i know of, and i cannot find any open source implementations. The standard is out now for almost 2 years....

--
cu
Sebastian

Re:No need for trust

[lightcycler]

Two words: translucent databases

You don't need to encrypt the whole database at once: that's a concept years out-of-date for the reasons you mention. You encrypt the URL, and nothing more.

If you have a multi-user sytem, it's even easier. You just store the URL plaintext, and use MD5(Your name/your password/bookmark number) as the key-field. Nobody can then relate any record to any other, and only someone with your name/password can scan the bookmark numbers to do the search.

Jabber

[infiniti99]

To an extent, Jabber already supports "roaming profiles" with your IM, through the use of a server-side contact list, and even any transports you might be using (AIM, ICQ, etc), along with their login info. This is more of a single-signon type thing, but it is along the same lines as a roaming profile.

But this could be taken much farther. The current protocol already offers arbitrary data storage on the server, and it could be beefed up if necessary (that's the wonderful part about an extensible protocol).

So then in your web browser (or in some global location on your OS), you could enter:

myusername@my-own-domain-nyah.com

and a password, and the browser could retrieve the necessary bookmarks and other data. And all of your data is safe at your-own-domain-nyah.com, instead of Microsoft HQ.

That pretty much covers all the bases. Time to hack this out.

-Justin

XNS

[JohnsonWax]

I'm surprised that /. isn't all over this...

Check out http://www.xns.org

"XNS is an open, XML-based protocol for identifying and linking any resource participating in any kind of digital transaction. You'll find the complete technical specifications on this site.

XNS provides a flexible, interoperable method for establishing and maintaining persistent digital identities and relationships between these identities. The protocol provides services for registering and resolving identity addresses, defining and managing XML identity documents, conducting and protecting identity transactions, and linking and synchronizing identity attributes."

Basically, store what you want, where you want, in an open format. As a public trust organization, they don't store your identity, they only proxy it. Store it with MS, with Apple, with your work, at home.

Web Based Bookmarking

[arestivo]

You can find a list of web based bookmarking systems here.