Re: [Demexp-dev] logins and account creation.

[David MENTRE]

Hello Augustin,

I think I see your point. The reason I wanted to unify Drupal and demexp
login was to simplify account management for users, i.e. for them to see
only one login/password. The other reason is that the Real Life Name(tm)
is the only way to have an identifier for a participant. So we need a
way to maximize the probability we have a real name, and not some pseudo
or alias.

But you made good arguments for keeping them separate. I'm detailing on
them below.

Augustin <address@hidden> writes:

>>  4. Account creation form should be modified. I think it is manfdatory
>>     to have following fields:
>>
>>     * 1st name:
>>     * 2nd name:
>>     * 3rd name:
>>     * :    :
>>     * Last name/Family name:
>>
>>     * email address:
>
> As mentioned earlier, you can have all the fields you want, some private, 
> some 
> public.

Ok, so I propose the following scheme:

 * Fields visible to the user:

   * Drupal login,

   * Complete real name,

   * Email address,

   * Any field that might be necessary for other modules;

 * Fields not editable by the user (and managed by demexp admins):

   * demexp server login,

   * demexp server password;

Rationale:

 * Complete-real-name is the real life identifier of the participant.


> The display name is the login name. 

Ok, I agree: the display name is the Drupal login name.

I still have one question: is it possible to change the Drupal login
(and thus the display name) while keeping the same Drupal account?

Has Drupal an internal identifier for Drupal logins?

>>     The demexp login could be computed from 1st, 2n, ..., last names. We
>>     would have to take care of people having the same name, how to
>>     disambiguate them (several proposals for this on the demexp demo
>>     server, see question 34 
>      http://demexp.ouvaton.org/node/37 ). 
>
> This question is almost meaningless. There are a lot of assumptions made 
> here. 
>
> First it assumes that everybody is French (but it is stated everywhere that 
> demexp is an international project), then it assumes that all the French have 
> three first names.

No, you haven't read my words. ;-) We assumed that the participant has
one *or more* first names and one *or more* family names. But you are
right that we don't know much about Chinese or Indian naming
schemes. :-)

So I agree with you: it is better to have a single field for names and
let people fill it like they want.

> Currently, the accounts are created manually: what do you do if someone comes 
> up with a name you cannot type? A Polish name with diacritics (L with a bar, 
> E with a cedilla, etc.?, a Chinese name, a Japanese name... or a Swedish...

In fact, currently demexp logins are limited to A-Za-z0-9._-
characters. As I wanted to avoid unexpected side effects and didn't want
to code UTF-8 validation (not a simple task as it might seem), I limited
seriously the range of valid logins. But I might extend it in the
future.

> If the accounts are created not manually but programmatically, then the 
> elected pattern Prénom.Prénom2.Prénom3.NOM (en encodage UTF8) is making too 
> many cultural assumptions. 

Yes, this is too difficult.

So I propose following scheme:

 * demexp-server-login is derived from Complete-real-name with a simple
   encoding scheme (e.g. URL encoding of UTF-8 or any other valid
   canonical pure ASCII form);

 * once a demexp login has been assigned to a Drupal account, this login
   should be kept, even if Complete-real-name is changed.


> Also, for the sake of security, the buzz word, a simple number or hash code 
> to 
> which the real identity is associated would be better: this way the 
> hash/number <=> identity association table can be stored separately and 
> controlled by someone else, and all the votes, transactions, questions, etc. 
> would  NOT be linked to the real identity, only to a meaningless number. 

In fact, internally, demexp has meaningless user numbers. But from an
administrative point of view, I prefer having meaningful login names,
to avoid errors when manipulating accounts. Of course, "meaningful login
names" is a bit difficult to define for Chinese names. :-)

You right that association between real identity and internal demexp
identifier should be separated, but this need more thoughts to be
correctly done.

You must also note that applying a simple hash on an identifier opens
the way to dictionary attack and it is not so easy to apply correctly. 

> Another big problem I have with the "drupal login" == "demexp login" approach 
> is about inclusiveness.
[...]
> We are trying to be inclusive and invite more people to participate.
> The Drupal login will control the ability of the person to interact with the 
> whole web site, including in the general forums. With its forum system, the 
> Drupal site will be a very important venue for the community.
> Do you realize that I still don't have a demexp account?

You should fix that. ;-)

> I don't have a hard 
> client either (none was compiled for Mandriva). 
> By requiring a demexp account to login into the Drupal site, we say: you can 
> only participate in our community discussion if you already have an account.
[...]
> If we make it easier for people to join the discussion and take part in the 
> community life, they'll start giving their own opinion on topics which will 
> lead to a vote... and by the time they are interested enough to actually 
> vote, they will be greeted by a form saying "please enter your demexp account 
> name and password". 

I like this approach. 

The only difference is that, instead of filling the demexp server login
and password they would have a button saying: "give me a login/password
to vote". What do you think of it?


> Most obviously, there is no consensus on this whole point. 

I hope we're moving towards a consensus. :-)


A final note: this discussion on naming is in fact related to the way we
link an online identifier with a given real person. This is not an easy
question. We could use systems like Social Security Number, various user
information (date and location of birth), etc. I'm very far to have a
definitive answer on such a question.

Best wishes,
d.
-- 
GPG/PGP key: A3AD7A2A David MENTRE <address@hidden>
 5996 CC46 4612 9CA4 3562  D7AC 6C67 9E96 A3AD 7A2A