TypeKey is a free, open system providing a central identity that anyone can use to log in and post comments on blogs and other web sites.

without impinging the motives or purity of soul attaching the creators of this, i would simply note that typekey is a Centralized ShinyWidget™ that will make it easier to post comments without remembering annoying passwords, when it's up, and when it's not, it will prevent all commenting, or allow any wandering spambot to comment. like most Centralized ShinyWidget™ products, outages will be frequent and frustrating. and when the present entity expires, the smell of that database asset is going to attract carrion-eaters for whom the soothing assurances in the privacy paragraph are so much cake icing.
posted by quonsar at 7:57 PM on March 20, 2004

make it easier to post comments without remembering annoying passwords

Also, make it harder for people to pretend to be other people. Which I think is the main point.
posted by lbergstr at 8:00 PM on March 20, 2004

Thanks I prefer my web semi anonymous and that thingie doesn't help.
posted by elpapacito at 8:04 PM on March 20, 2004

So, I wonder how many Typekey accounts the average blogtroll will have to have ... hmm. I wonder what would happen if I were to pick a name like, um, quonsar ...

This is an idea that will be gamed to death.
posted by pyramid termite at 8:05 PM on March 20, 2004

I haven't run into problems with people pretending to be other people. (I know, I know, I should get out more.) I have, on the other hand, run into the Centralized ShinyWidget™ problem quonsar speaks of. When I started my blog I joined a group of Linguablogs that had a convenient widget you could add to your sidebar and it would automatically update the list as new language-related blogs were discovered. Neat! thought I, and stuck the code into my template (proud that I'd managed to figure out how to do that). About the fourth or fifth time the list vanished or went pear-shaped, I said "the hell with this" and substituted a plain old blogroll, controlled by me. Which works fine. No more ShinyWidgets™, thank you.
posted by languagehat at 8:09 PM on March 20, 2004

It seems on the surface to be a sort of weblog-world Microsoft Passport. I once had a chat with the original creator of Passport, face-to-face, and he asked why I didn't use it for MetaFilter (since it would eliminate a lot of programming for user management). I stated that I didn't due to security risks, the integrity of the data, and the inherent mistrust of the company behind it. I believe Six Apart has to deal with the same sorts of issues, but I trust their security is tight, I trust that they won't do evil things with our data, and I trust them as a company.

I think this is a good option for people that are currently turning off their blog comments due to the deluge of spam. If the choice is no comments vs. register with Typekey comments, we as readers and owners win if Typekey is adopted. Heck, I'm tired of deleting the 1 or 2 a day that show up to my open commented Typepad and MT blogs and will seriously consider moving to registered comments only for those blogs.

There is definitely a danger in having a central store of data and taking any actions against accounts in that central store. I hope that Typekey is as transparent as possible in what they do to abusive accounts and why they do it. Of course this is all based on that single info page -- perhaps typekey will never ban users system-wide and it will be up to site owners to ban users one by one (though it would be nice if there was a trusted central spammer db like mt-blacklist). But the danger is that if one person is accidentally banned from typekey comments, there could be a lot of problems.
posted by mathowie at 9:05 PM on March 20, 2004

I have an MT blog with a core group of regular posters and a number of people who randomly come by to start flame wars. It would be way, way too easy for one of them to impersonate one of the regulars, and I'm surprised by their restraint so far, actually. Also, the comments come in too fast for me to check each one for spam. This sounds great.
posted by transona5 at 9:15 PM on March 20, 2004

Yeah, I won't be bothering. If Blogger's security failure a while back taught me anything it's that no matter how trustworthy the site owners might be, putting cross-site data in a centralized server is bad. Sure, I doubt the information in typekey won't be as sensitive as the potential FTP data that was in Blogger, but the idea's the same. I'd rather just have basic registrations on *my own* server.
posted by mkn at 10:04 PM on March 20, 2004

So, does that mean that any MT webmasters that want to incorporate member sign-ups (members-only commenting) will be forced to use TypeKey? I'm putting together a little blog for some friends of mine that are all members of a club. The website will only be available to members of the club (at least the blogging part, that is). So I don't really need TypeKey. I just needs account registration... which is what I though MovableType was/is going to include in the next version release.
posted by Witty at 4:45 AM on March 21, 2004

Yeah I'm wondering the same thing as Witty. I was expecting a standalone registration system and it'll be a disappointment if it's only this TypeKey thing.

TypeKey seems like overkill if we're just talking about spam issues. I do see it having some convenience for users, but it seems like the spam problem really could be dealt with by integrating some sort of distributed MT-Blacklist IP/URL blocker gizmo rather than this giant Passport system.

On the other hand, this COULD be a really interesting community tool, a way to make it easier to participate on many blogs and make users accountable for what they say, etc. But that'll all come down to how it's integrated.
posted by frenetic at 6:47 AM on March 21, 2004

At least HALF of the members of this club I'm "working" for are over 50... and 90% of those guys have very little interest, if any, in the internet. So I'm trying to make this thing as easy and friendly as possible for them. Trying to explain the the whole TypeKey thing to those old buzzards would be a waste of time. I think they will be better apt to participate in the website if they don't have to work very hard for it.
posted by Witty at 8:38 AM on March 21, 2004

frenetic - Check out this thread at MT's support forum... specifically the very last comment on page 2, here.
posted by Witty at 9:03 AM on March 21, 2004

Yes, I agree, I don't understand why Six Apart isn't catering to my needs better.

I mean after giving away free blogging software for several years, they now want to offer free comment registration?

What are they thinking? My personal needs are not being met exactly the way I want them!

Really, who can argue that a centralized, secured, open registration system for weblogs is better than distributing a registation system into thousands of individual weblogs that never update their software? It just doesn't make sense. Think of all the fun customer support issues that could arise from handing loud bloggers a complicated registation system. Besides, everyone loves typing their information into weblogs over and over again.

Of course, it's not like there blogging systems out there that are focused on small closed communtities. Well, there's livejournal, but they don't meet my exact needs either. I mean, why should I have to switch blogging software or do any work when Six Apart should be reading my mind and meeting my needs exactly for free.

Don't they realize that the people that read my site are so dumb that though they can use a computer, check email, and surf the web, there is no possible way they could remember a username and password. No other website makes people remember a username and password!

What is this world coming to when companies try to plan ahead and think broadly instead of catering to the loudest whiner? Egads, you'd think that I'm not the most important person in the world.
posted by Argyle at 9:15 AM on March 21, 2004

Why not just use a PGP/GPG key? Bloggers will buy into any newfangled thing put out by SixApart, that's why. Suckers.
posted by angry modem at 9:17 AM on March 21, 2004

Suckers, or loyal consumers who have been well taken-care of?

SixApart is the Apple of the blog world--they take the time during development to make robust, stable apps (TypePad and MT are both solid, and both spreading like wildfire as a result) and they do it with enough style and digital sex appeal to make it consistently-appealing (if not downright Pavlovian) to the crucial early adopter set.

So naturally, let the chorus of haters begin.

Just so long as the haters are Typekey-authenticated, of course.
posted by senorbunch at 12:04 PM on March 21, 2004

Whoa, Argyle and senorbunch. This isn't a hate thing. This is people expressing concerns about a centralized authentication system, under the control of a privately funded company.

There's also a lot of unanswered questions about the 'commercial aspects' of this system, which are only hinted at by Six Apart.

It doesn't matter if Six Apart is giving away something for 'free', if it ties people into the company, and the company products, now does it? No harm in this, companies have a right to make money.

But users would be pretty stupid if they didn't look at this carefully, and question the whys and wherefores, just because it's "Ben and Mena".

It's not just "Ben and Mena". It's a company with big clients in Japan, international offices, and now over 20 developers.

So, shall we withhold the personalization of this issue, and the implication that people are saying 'hateful' things, just because people are concerned and puzzled?
posted by shelleyp at 2:21 PM on March 21, 2004

Well, I'm certainly not bitching... if that's what you think Argyle. They've been talking about implementing a registration system for months now. I just thought it was going to be something along the lines of any other normal version upgrade... an added module, or whatever. TypeKey sounds fantastic for whoever wants to use it. It just happens to be overkill for my little website. So I'm hoping (and it appears that my needs are being met based on the link I offered earlier) that there will be localized verson of membership registration that doesn't REQUIRE the use of TypeKey. Settle down.
posted by Witty at 5:29 PM on March 21, 2004

"I mean after giving away free blogging software for several years, they now want to offer free comment registration?"

Then there are those of us who would happily pay for the seemingly vaporware MT Pro. Not to mention people who have donated heavily several times and provide support for other users.

"Really, who can argue that a centralized, secured, open registration system for weblogs is better than distributing a registration system into thousands of individual weblogs that never update their software?"

Who can argue that requiring users to register with a third-party is preferable to a locally managed system?

If we wanted our hands held we'd be using TypePad.

"Think of all the fun customer support issues that could arise from handing loud bloggers a complicated registration system."

Oh, you mean like now. MT isn't exactly newbie friendly and the free support forum managed by volunteers has worked fine. When was the last time you or someone you know requested or received direct support from SixApart?

This isn't about bashing SixApart. The Trotts are wonderful people (or so I hear, I don't know them myself) who have provided a fantastic tool. But, and it's a big one, SixApart is not Ben and Mena. SixApart is a multinational company, who due to to a superior product, now have a large impact on tens (hundreds?) of thousands of users. This company has introduced a centralized authentication system that will affect a great many people and that, and that alone, makes it worth discussing.

Let's not forget the hooks built in for external application developers (already sold and in use). Hey, SixApart is golden with me and I trust them. A bigger question is do I trust whomever they decide to let in later ? Something I have no say in, because -- it's, you know, centralized.
posted by cedar at 5:36 PM on March 21, 2004

For people who are unwilling or unable to type in a name, e-mail etc for every site they comment on, surely the number that do not have a "remember me" facility are very few and far between?

While I have no problem with Six Apart as they exist now and they have certainly earned an excellent reputation for integrity, things can change for any number of reasons, so I can understand why people are concerned. Personally, I don't see much point, as it will (I assume) not be carrying out any meaningful validation that who you say you are is really who you are, but I can see that it would be a good idea for sites that want to provide some control over commenters without developing their own application.
posted by dg at 6:47 PM on March 21, 2004

Why not just use a PGP/GPG key?

The idea is to make it simpler, not more complicated.
posted by kindall at 6:50 PM on March 21, 2004

For people who are unwilling or unable to type in a name, e-mail etc for every site they comment on, surely the number that do not have a "remember me" facility are very few and far between?

No one has to type in their information for every blog that they hit, because there's a bookmarklet that will do it for you with one click. Easy peasy.

Personally, I don't see much point, as it will (I assume) not be carrying out any meaningful validation that who you say you are is really who you are, but I can see that it would be a good idea for sites that want to provide some control over commenters without developing their own application.

It's the validation part that seems least doable. Presumably, one can choose whatever name they want to register with Typekey. What's to say that the name someone chooses is their own (or at least their normal nom de net) and not them impersonating someone else? What's to prevent someone from registering multiple identities with Typepad? (They can't feasibly bind it to IP, or even browser, since people do use dynamic IPs and shared terminals to surf blogs.)

So someone is Typekey registered. Great, that means that they're not a spammer, but it doesn't -- can't really mean anything else. If you've been spared comment spam (as I have, a staunch robots.txt keeps spambots away too) then what possible benefit could Typekey have to offer you or your readers? Better question -- what possible benefit could there be which outweighs the drawbacks?
posted by Dreama at 8:27 PM on March 21, 2004

No one has to type in their information for every blog that they hit, because there's a bookmarklet that will do it for you with one click.

So will your Web browser. Most people who leave comments on your blog have one of those.
posted by kindall at 10:10 PM on March 21, 2004

"This is an idea that will be gamed to death."

I'm not so sure. LiveJournal has authenticated commenting which hasn't been gamed to death, except in the case of spambots that post anonymous comments. Many people turn off or screen anonymous comments, as a result.

Basically, the issue here isn't that this idea would make spamming of weblogs impossible... instead, it makes it more difficult than the easier, more acceptable alternatives. Why leave comments when they can email you directly? Ultimately, if you make it difficult enough, then you can make spamming an unprofitable act.
posted by insomnia_lj at 6:40 AM on March 22, 2004

Six Apart has posted a FAQ that addresses some of these concerns.
posted by Vidiot at 8:40 AM on March 23, 2004