eftychia: Me in poufy shirt, kilt, and Darth Vader mask, playing a bouzouki (vader)
posted by [personal profile] eftychia at 03:47pm on 2009-06-09

This is about unintentionally anonymous, and signed but technically 'anonymous', comments on my journals -- mostly at Dreamwidth.

At most of the journalling sites I use, I have anonymous comments set to be screened, as a response to the spambot problem. So when you leave a comment without signing in, your comment is hidden until the next time I look and notice that I've got legitimate anonymous comments to unscreen. If you post your comment while I'm asleep or out of the house, it could be a while.

I understand that some folks really don't want to create yet another account/online-identity to keep track of, and a few people wish to specifically avoid particular sites for personal or political reasons. My first suggestion there is OpenID.

I also understand that some folks already know about and understand OpenID, and for whatever good or bad reasons really don't want to use it. To those people who are deliberately using the anonymous-comment feature and identifying yourselves in other ways, I say, thank you for sticking your name in your comments somewhere, at the bottom as a signature or at the top or in the subject line as a "hey, this is me", so that I have more clue than just word-choice and punctuation[1] to figure out which of my friends is writing, and please carry on as you have been doing.

This message is for the rest of you, who would leave not-anonymous-in-the-technical-LJ/DW-sense comments if doing so were really easy, but either don't know about OpenID or haven't gotten around to experimenting with it. Because depending on your personal threshold for the "really easy" category, it is in fact really easy[2].


Many, though not all, LJ-like sites (and a growing number of completely unrelated ones!) support OpenID, a cross-site authentication scheme developed (IIRC) by LJ founder brad, with, last I checked, terribly confusing instructions for a pretty simple process. (The instructions at openid.net might have been replaced by something clearer since the last time I looked. One can hope.)

What it is:

Let me start with the purpose + mechanism in really broad strokes: if you have an account on one OpenID site (such as LJ), and you want to log in at another OpenID site where you don't have an account, you log in with your OpenID identity, and the destination site sends a message to your home site saying, "This person is trying to log in and claims to be your user so-and-so -- are they?" Then your home site sends you a message (if you've got one of its pages showing in your browser and are currently logged into it), saying, "This other site said you're trying to log into it using your ID here -- is it really you trying to do that, and do I have your permission to tell that other site that yes, it's you?" When you click "yeah, sure" on that, your home site tells the destination site, "yup, confirmed, that's my user trying to log into you, go ahead," and the destination site creates a login session very much like it would if you had an account there, but with an identity of you-at-your-home-site instead of as a local-to-that-destination user.

So you never expose your password to the foreign site, but the foreign site asks your home site to verify your identity and give an aye/nay answer.

I wanted to get the techie stuff out of the way first in case there were any lingering trust issues regarding what OpenID does and doesn't expose, particularly WRT passwords.

How to do it:

Now I get to try to convince you it's "easy". Personally, once I got past the confusing instructions, I found it to be so.

Some sites play more nicely with OpenID than others, thus making it even more convenient than the basic level of support. (IIRC, DW is in the more-convenient class based on what it lets you do to customize an OpenID identity after logging in.) I'm going to use Dreamwidth as my example even though I've not verified that everything I say here will apply elsewhere, because DW is where most of you will be replying to me most often. The basics will apply to logging into InsaneJournal from LiveJournal, or logging into LiveJournal from Blogger.com, as well.

So let's say you're an LJ user and you've clicked through to read my QotD at DW and you'd like to leave a comment. You click "Reply" and get a comment form; at the top is a section that looks something like this:

From:
( ) Anonymous (will be screened)
( ) OpenID (will be screened)
( ) Dreamwidth user

(where I'm using ( ) to represent a radio-button). Now here's one important though tiny detail: see where it says "(will be screened)" next to the OpenID button? That's a mistake! OpenID comments will be immediately visible despite what it says there. (Anonymous comments will be screened for real.)

Now you click the OpenID button, and two new fields appear: a text box labelled "Identity URL" and a checkbox labelled "Login?".

Fill in the identity box with the URL of your 'recent entries' page on LJ (leaving off the "http://" part is okay). So if I did not have a DW account, I would enter "dglenn.livejournal.com" in that box. Optionally, check the "login?" box -- I'll talk about that below but you can probably guess the result. Then type in your comment as you normally would.

When you click the "Post Comment" button, you'll get a Livejournal page that says,

Another site on the web wants to validate your LiveJournal identity. No information will be shared with them that isn't already public in your profile, only that you're who you've already told them you are (if you told them).

The address wanting permission is:
http://www.dreamwidth.org

Do you want to pass your identity to them?

[Yes; just this time] [Yes; always] [No.]

If you click either of the "yes" buttons, your comment will be posted, and it will show up not as an anonymous comment but as being from yourname.livejournal.com, with an OpenID logo next to your ID instead of a little user-head. It will be immediately publicly visible, just as if a DW user had posted it. Presto!

When another reader comes along, sees your comment, and thinks, "You have interesting ideas and I would like to subscribe to your newsletter," they can click on your OpenID name "yourname.livejournal.com" and jump directly to your journal on LJ that way.

(For those of you who care -- I assume few others are bothering to read this far -- Is this something I should learn how to do a video lesson for, where y'all can see a movie of what happens on my screen as I do these steps, or have I managed to describe it all more or less intelligibly?)

 

That sounds like a bit of a hassle just to leave one comment, eh?

Here's the thing: you can do this once and then not worry about it.

If you clicked "Yes; always" when LJ asked you whether that was really you trying to access DW via OpenID, then the next time you click the OpenID button at DW and type in your LJ URL, you won't have to confirm again -- your comment will go right through.

Furthermore, if you checked the "Login?" box when you selected OpenID to post your comment with, the next time you try to post a comment on DW (until your login cookie expires or you log out), it'll automatically post it as being from your OpenID ID, because you're actually logged into DW without having a DW account to worry about remembering a password for, setting up, etc. (But you can do some setup on this foreign account if you like -- assign an Icon, add a profile -- by clicking on the OpenID logo next to your name.) So you do this like once every two weeks per computer you use, and the rest of the time it's just as easy as being logged into a DW account without splitting up your online presence with Yet Another Account.

(Also, DW lets you log in via OpenID right from their main login page or their front page, so you can be already logged in as an OpenID user before you even get around to wanting to post a comment.)

If you later decide that you do want a DW account, one of the features in the works (last I checked) was some way of "claiming" your old OpenID comments under your proper DW login, including automagically imported comments from when another DW user imported all their entries from LJ.

Oh, and if you do want a DW account, I have a couple DW invite codes.

One caveat: while I was typing this I was going through all the steps to make sure I was describing things correctly, and I couldn't get it to work using my IJ identity, though commenting at DW using my LJ and CommieJournal identities worked perfectly. I don't know whether this is a temporary DNS glitch, a bug that needs to be fixed, or what.


Of course, if your comment is really just a personal note to me and doesn't need to be visible in the discussion thread, then leaving it technically-anonymous and therefore screened doesn't matter so much (though of course some sort of human-readable identification is appreciated unless you really are trying to be really-anonymous).

 

A separate issue regarding comments:

Ideally, I'd like all the comments on all the copies of my entries to show up together, not scattered around with some on IJ, some on LJ, and some on DW. But I also know that if I turn off commenting on all but one site, some friends are just not going to bother going to the trouble of commenting someplace other than the journalling site they call home, and I value your comments more than the convenience of seeing them all in one place ... and equally importantly, since the reason I mirror my journal to so many places at once is to avoid having all my eggs in one basket should the site I pick become evil, get bought out, suffer catastrophic failure, or wither due to founder's loss of interest, having all the comments in one place would defeat that. So until I work out a way to automatically mirror comments cleanly[3], I'm afraid any discussions my entries spark will be fragmented, with most people only seeing one fork at a time.


[1] And no, this is not a snark at the friend whose signature is punctuation -- that's clearly a signature. :-)

[2] Except for one friend who just couldn't get it to work, which warrants a bug report, but I'm not sure which site the bug report needs to be filed with.

[3] My current idea is to clone them (using the email notifications) to a central non-LJ-like site, and maintain linkages so that attempts to reply there get redirected back to an appropriate LJ-like site. I haven't worked the kinks out of the design in my head yet, and have an awful lot more pressing on my to-do list.

There are 17 comments on this entry.
posted by [personal profile] zenlizard at 08:12pm on 2009-06-09
OK, WTF? I had typed a reply earlier, without being logged into either DW or my DJ. And I posted it using, as my ID, OpenID from deadjournal.

...now I know DJ doesn't play nice with several other blogging sites: in particular, DJ won't allow other sites to verify a DJ ID without the user being logged into DJ. It therefore directs the user to the DJ login page; upon doing so, as a general rule, the OpenID system is actually enabled.

Not so this time.

This seems to be a problem with DeadJournal in general: I post it here only to let you (and others) know that the OpenID system, which should work as you describe it, doesn't necessarily. Depends on the site one is using OpenID from.

*off to file a bug report with DJ*
 
posted by [identity profile] dglenn.deadjournal.com at 09:12pm on 2009-06-09
Testing OpenID via DJ while already logged into DJ (a different scenario than you reported), just to make sure at least this aspect works.
posted by [identity profile] dglenn.insanejournal.com at 09:14pm on 2009-06-09
While already logged into DJ, clicking "yes; always" got me a "failed to save" error message, but clicking "yes; just this once" resulted in the comment posted above.
 
posted by [identity profile] dglenn.commiejournal.com at 09:28pm on 2009-06-09
(Note that I had already attached an icon to my IJ-via-OpenID presence at DW sometime in the past, so the preceding comment shows up with an icon even though it was posted from a non-DW account.)
 
posted by (anonymous) at 08:38pm on 2009-06-09
What's to stop a site from putting up a fake login page and collecting user names and passwords? I guess the login page would have the wrong URL if they did that, but I bet a lot of people don't check.

Bill
posted by [personal profile] eftychia at 09:01pm on 2009-06-09
I did think of that (though it's not as bad as you describe -- see below), and the same solution you suggested (look at the URL displayed in the location bar to see that it's coming from the right place), and the same worry that some folks might not check.

All I can really say is, "remember to look at the URL before clicking 'yes'," and hope my friends are observant enough if such a malicious site ever shows up. I'm thinking that the folks who are avoiding OpenID for lack-of-trust reasons would think to verify that the URL is correct, rendering the scheme safe after all (as long as they weren't half-asleep one time ... hmmm.)

Now if you're already logged into your home site, there's never any password asked for that a malicious site could collect -- your home site uses your login cookie to know you're you, and just asks permission to authenticate you to the foreign site. Only if you're not logged in at your home site and that site presents a login page when asked to authenticate you, would there be a password field for you to type into. So the malicious site would have to spoof your home site's login page, not the "okay to authenticate?" page. If you are logged in and you get a login page, that should ring alarm bells, even if sleepy.

So yeah, a malicious site could Trojan this, but it'd be low-payoff for the effort. Not saying it won't happen; saying I'm not expecting it to become a major problem.

Note that using the "ok to authenticate?" page, there'd be no point in spoofing that because there'd be no information to collect[1] without the home site having sent it (which means the home site having gotten an answer to its authentic authentication-permission page), so the only thing the malicious site could really do is declare someone to be whom they say they are without verifying that with the site they claim to be from -- not gathering any information; just making it easier for others to spoof you on that site by not really checking identity.

So I think the big hole here, and its solution, is: always check the URL of a login[2] page, just as everybody -- I hope! -- already checks that the location bar truly does say, "https://www.paypal.com/..." before typing in their PayPal password. With that habit, OpenID is safe; without that habit, one has much, much bigger threats to worry about.


[1] LJ states that public information in your profile may be shared, but the malicious site doesn't need to trick you to get any of that.

[2] any page that asks for a password, whether it calls itself a login page or not.
 
posted by (anonymous) at 10:29pm on 2009-06-09
I imagine you're expecting lots of "testing 1 2 3" type replies. So here's one more. :-)

Second attempt... (The first time it gave me an "invalid redirection" error at DreamWidth after I clicked "Yes, always" on the LJ confirmation page.)

Third attempt... (giving up on OpenID... the error message from Dreamwidth is

One or more errors occurred processing your request. Please go back, correct the necessary information, and submit your data again.

    * Can't verify identity: unexpected_url_redirect:

unix-vicky from LJ

 
posted by [identity profile] dglenn.livejournal.com at 10:42pm on 2009-06-09
There does seem to be some unexpected flakiness. Earlier IJ wasn't working for me but recently it did; CJ required two tries; lots of other tests worked perfectly each time (including, earlier today, LJ). I'll keep an eye on the problems people report here and try to summarize for a bug report later.

To be extra-thorough, let's see whether I can do this in the Lynx text-only browser...
 
posted by [identity profile] dglenn.livejournal.com at 10:44pm on 2009-06-09
The last comment was using the "just this once" button; I'll try "yes; always" for this'n.
posted by [personal profile] eftychia at 10:45pm on 2009-06-09
Huh. Worked first try. So it's intermittent flakiness (oooh, whoever the bug gets assigned to is going to hate that) rather than a predictably repeatable behaviour. Whee.
 
posted by [identity profile] unix-vicky.livejournal.com at 10:54pm on 2009-06-09
Giving it one more try.
 
posted by [identity profile] unix-vicky.livejournal.com at 10:56pm on 2009-06-09
Weird... maybe LJ was just having problems earlier. Well, since I checked the "login" box, I shouldn't have any more problems (knocks on fake wood in desk).
 
posted by [identity profile] mammasteed.livejournal.com at 10:43pm on 2009-06-09
Okay, I'll try it.
 
posted by [identity profile] mammasteed.livejournal.com at 10:46pm on 2009-06-09
My first attempt failed. Not having read other people's failures, I removed the "http://" part from my "identity" and tried again. That time, it worked.

Whether my action fixed the problem or it just happened to work the second time, I don't know and I don't care. There is a reason I didn't go into software testing for a living. (I report it because you seem to care.)
 
posted by [identity profile] mammasteed.livejournal.com at 10:51pm on 2009-06-09
Heh. Though I do take great satisfaction in succeeding where VICKY failed.

Neener neener. :) :) :)

posted by [personal profile] eftychia at 10:49pm on 2009-06-09
Did it work on the first try, as it should have, or did you have to back up and do it more than once?

Never mind; your next comment came in while I was writing this one.
Edited Date: 2009-06-09 10:50 pm (UTC)
 
posted by [identity profile] mammasteed.livejournal.com at 10:55pm on 2009-06-09
For whatever it's worth, I clicked "yes, always". And I am having no further trouble posting. All attempts after the first one are going through first time.
