Six Apart announces TypeKey and the reactions are sharply divided: BuzzMachine approves (but has questions, as does Dave Winer), Don Park is for it ('... as long as it is done right. A typical cause of failure for such schemes is unnecessary tight security. ... I hope they make the right decisions'); Burningbird has a long, critical post ('Only one word can describe this design idea: bad') and Digital Common Sense is dismissive.
We need to wait until the idea is explained in more detail and is out of alpha. Mena Trott, commenting at BuzzMachine, says,
Our announcement about the TypeKey service was focused on the TypeKey service, not the way we'll be handling comment registration. But, without going into too much detail, I will say that we're not starting this service in order to police or ban users. From a liability standpoint alone, it doesn't make sense. Movable Type 3.0 has a robust comment registration system that allows the user to ban or accept users on their own weblog. TypeKey is a way to say "this person has an account and has entered a verified email"--now you, as the weblog owner, will decide how you will handle this commenter.We operate in California, a state where the legal system advocates personal privacy. We feel the same way, so of course, we're not going to be providing a public list of all the blogs you're commenting on without explicit user approval.
And regarding the subpoena issue: While Ben and myself founded Six Apart and the company still reflects our vision, we are a company that has counsel and if and when these situations come up, we follow legal guidelines. This certainly doesn't mean just handing over user data.
Six Apart didn't just decide to create TypeKey on a whim. We weighed the pluses and pros of both decentralized and centralized registration. Believe me, the decision didn't happen overnight. Ultimately, the need to not sign up on every weblog you wish to comment on and the ability to say that your TypeKey identity is your own (rather than having decentralized comment registration where someone could possibly snap up your identity on a particular weblog) were two of the major issues that made us choose a centralized authentication system.
We're going to want to compile a list of questions that people may have and add those to our FAQ. But, ultimately, we'll want to get the product out of alpha before answering too many speculative questions :)
Burningbird has an updated, long entry, pulling together something Ben Trott has posted in a comment elsewhere. Jay Allen has also posted a very positive reaction:
I don’t know how much I am supposed to say at this point, but I have been using an alpha version of MT 3.0 for over three weeks and now that the beta testing has begun, I think it’s time for me to tell you the good and bad news.MT-Blacklist’s time is coming to an end
With the TypeKey authentication services and other great features of MT 3.0, it looks like there will no longer be a need for MT-Blacklist’s continued development. This is only bad news in the sense that I never was able to reach my goals with the program with regard to P2P connectivity between blacklists. In general, however, this is fabulous news for the community because the biggest negative aspect of a blacklist is that it requires maintenance. MT 3.0’s new features do not.
When I saw the original feature list, I was highly skeptical that this release would solve the problem. However, SixApart did such a fantastic and elegant job of looking at the problem from a wider perspective that I was instantly won over. This new version completely solves the problem of control over outside submission to one’s blog in such an elegant and powerful way that I myself was astounded.
I will talk about all of this more when the time is right, but I wanted to let you know that the solution is on the fast-approaching horizon.
More commentary at idly.org, here and here.
And now (22.3.2004) there is an extensive TypeKey FAQ, and there are a few words and more comments at Six Log.
25.3.2004: Anil Dash links to phil ringnalda dot com:
Seen as a solution on its own, TypeKey seems pretty clueless: most spammers will have dozens of domains, hundreds of disposable email addresses, and virtually unlimited IP addresses, and no compunction about signing up for any number of TypeKey identities. But seen as a way to separate the wheat from the chaff, and let the people you've met at least once before through, rather than a way to separate the chaff from the wheat, and stop the unknown bad strangers without stopping the unknown good strangers, it might just work.
