All or nothing

I was going to write a long essay on connection and communication and use photos I have of blossoms from the Magnolia tree, which I call the “all or nothing” tree because the blossoms are there one moment, gone the next.

But I think I’ll just give the photos, throwing a few others in, and hold on my writing, which would probably be overlong and not particularly interesting, anyway, while I think about what Halley has to say about what she will, and will, not read in my weblog.

And icebergs. I’ll be thinking of icebergs.












Technology Weblogging

TypeKey: Final act

Recovered from the Wayback Machine.

Six Apart has released its pre-launch’ FAQ about TypeKey, and everything I expected about the service has been confirmed. I have no doubts that when MT 3.0 releases, we’ll see masses of people rush to enable TypeKey in their weblogs so they rest assured at night that only the proper sort of comments need appear when they are not there to maintain the necessary vigilance to protect their weblogging homes from dastardly introducers.

Discussing the issues of registration and centralization, comment spam prevention, centralization and performance, privacy, baby squirrels, and social issues, in turn:

Registration and centralization

If you want comment registration with Movable Type or TypePad, you will have to use TypeKey. As the FAQ says, if we want comment registration without TypeKey, then we’ll have to …build our own authentication system. The problem with building authentication, as with any other sercurity aspect of an application, is that it needs to be designed and incorporated right from the start; an addon registration system for a tool built to use something else is not something I want to contemplate having to maintain as Movable Type goes through new variations, open APIs or not.

If Movable Type were open source, I could understand this. And before you point out the nature of Perl, open code is not open source.

The reasons for having a centralized registration system, frankly, don’t make a lot of sense. Six Apart states that:

TypeKey takes care of the hassle of running an authentication service: building the service itself; keeping it running; dealing with users who have forgotten their username or password; verifying the email address of new users; etc. All of these tasks are managed for you by TypeKey.

I imagine if you’re a weblog that gets hundreds of new commenters a day, having a service take care of authenticating an email address would be valuable. Now, those of you who get hundreds of new commenters a day, raise your hand?

Other than that, the aspects of registration that Six Apart mention for TypeKey are built into other products, quite simply, and this includes WordPress and a host of other weblogging tools. The commenter may on occasion have to give an answer to a question to recover a password; or if the tool doesn’t provide an automated registration recovery procedure (which it should, that’s not difficult to add in), we may have to reset a person’s password manually for them, but frankly, people using software that manages registration locally has been around on the Web since it was not much beyond a twinkle in Tim Berners-Lee’s eye.

(And an added benefit with local registration – break into a local system, and you compromise one weblog or site; break into a global system, and you compromise everyone’s.)

As for managing multiple usernames and passwords form weblog to weblog, well, please. We use our email addresses for each username, and we use the same password at each, or a variation of a password based on the weblog name and our naming scheme. Not as secure to use same password? Well, sure, but we’re not talking about our bank accounts here – we’re just talking about comment systems and keeping comment spammers out.

Comment spam prevention

Authentication and registration is not a infalliable solution to comment spammers. Just think of the new offshore possibilities – hire people in countries to sign up for email addresses, get authenticated in the TypeKey system, place innocuous comments at sites until they’re allowed in, and then one fine night – blitz ‘em!

No comment registration system, TypeKey or otherwise, will be able to deliberately keep out all spammers. Fortunately Movable Type does have better comment management, with being able to delete comments by name, IP address, and URL, and this is good, this is something we have been asking for. However, I also see no evidence that throttles have been incorporated into the code to prevent trackback and comment DoS (Denial of Service) attacks, so this will continue to be a problem, even with Movable Type 3.0. Unless we hack the code, and the thought of having to hack the code before the product is even out is just too much at this point.

By the way, what about trackback?

Centralization and performance

Having a centralized registration system for a centralized weblogging tool makes sense. After all the weblog posts, comment builds, and every other aspect of the weblog is managed centrally, why not the comment registration? But there is no good technical reason for going with a centralized service for what are distributed weblogs. There are probably good commercial reasons, but none from a technical or even individual user’s point of view.

We who went to Movable Type or other product that we host on our own servers did so specifically because we did NOT want to have any form of dependency on a centralized system. We did so, for the most part, because we have been burned on either performance or access because of the centralization and scaling problems. TypeKey is no different, and in some ways, potentially worse than any of the other centralized tools that we use.

Think of it– for web sites that use centralized comment registration, every comment has to be authenticated with TypeKey. Now think about how many comments are being written at any moment in time?

Six Apart mentions the performance aspect of TypeKey, saying:

We are committed to offering a solution that has as little customer-facing downtime as possible. Of course, we can never guarantee 100% uptime. It’s in Six Apart’s best interest to keep TypeKey up and functioning and to keep our users happy. In the case of downtime, there will be fall-back options in place to help guarantee a fairly seamless commenting process. That means downtime of the TypeKey service would not necessarily mean that spammers and abusive comments could get through nor that commenters would not be able to comment. We’ll have more information about how this will work nearer to the release.

Which frankly tells me they haven’t worked through a solution on this aspect yet, and that doesn’t bode well for the use of this service.

When building a new web-enabled application with any of the clients I had when I was a technical architect, the first aspect we would build into the system was security. You have to build security from the ground up. It must be incorporated into the very design of the product, from its first conceptualization, it can never be an ‘add-on’. Added security never works as efficiently, or as effectively as security integrated deeply with the product.

Mark Pilgrim came out with a weakly satirical rant making fun of what several of us have had to say about TypeKey (after first making disparaging ethnocentric comments about our writing to our weblogs during the ‘weekends’ based on his own interpretation of same; in an international environment, no less)– including Six Apart’s own announcement of Movable Type 3.0.

(I can see, in all seriousness, why Mark would make fun of us for spending time talking about this. After all, it’s just technology. Why get worked up over technology? We never get worked up over technology such as RSS and Atom and RDF and the Semantic Web, that sort of thing.)

The only technical aspect I can pull out of his writing to address is that he lists several centralized systems that he believes do scale well and serve the community, and it’s true these have managed to scale and are useful, but each and every one has failed when I’ve tried to access it at least once a week.

Blogdex was inaccessible off and on this weekend, and Technorati was hard to access last night, and I couldn’t access Bloglines two or thee times last week, and I got some kind of odd error with Radio comments a couple of weeks ago, too, and, well, the list goes on. The problem with centralized systems is not that they fail completely and breakdown permanently; it’s that they behave oddly or inconsistently, or poorly under load.

Time out. Ever get a time out when accessing a centralized system?

But the thing with Technorati or Blogdex or Bloglines (I haven’t used Feedster) is that I’m not dependent on them to write to my weblog, or for my commenters to respond, or for my pages to be accessed. Only my own system resources, or the Internet in general between my server and each of us can impact on this. With TypeKey, though, that’s changed.

Now, not only we’ll we have to write out blog posts in Notepad or some other local application to prevent losing them when we can’t access our hosted or remote weblogging applications; we’ll have to do the same with comments, too.

(Though I imagine that Six Apart will create a caching subsystem that will cache authenticated comments for publishing when the TypeKey system is accessible again – you’ll just have to wait for the remote system to continue your discussion is all.)

Why would we go through all the hassle to have a distributed application if we’re going to tie into a centralized authentication system? Might as well go to TypePad for the rest of our weblogging needs.

(But I don’t want Mark to go away not thinking that we’re not appreciative of his efforts. As he said in one weblog comment: what’s the fuss? After all it’s just a public announcement of a new technology? Sure, I can agree with that – and Atom is just another alpha release of yet another syndication format. No big deal.)


I have no doubts that Six Apart won’t publish my personal information, just as I have no doubts that they won’t do something with the aggregate data. All that juicy information about which sites getting how many comments; and then there’s plenty of ego-stroking aspects to the application. If we think that we’re too fixated on buzzsheets such as Technorati 100, wait until we see what can be done with comments.

I’m not particularly concerned about the system being hacked into to get my individual information, though I imagine email spammers will attempt to do so to farm all of the email addresses contained in the system. However, from a security stand point, this is a bright red target in a field of beige – I have no doubts that crackers will be at that system to crack just so they can flood our comments with a crapflood of bogus comments, using our login information, as they use our IP addresses as proxy for their attacks today.

And won’t that be a hell of a mess to clean up?

Baby Squirrels

Aside from these specific technical issues, one other issue I have is the trust releationship we have have established with Ben and Mena Trott, our friends and neighbors, being carried over into our dealings with Six Apart, the company.

It’s important to remember when judging whether to buy into the use of TypeKey for your site is that Six Apart is no longer ‘Ben and Mena’. It is an international company, with international investors and multiple employees, and business concerns that influence the company’s direction. This isn’t to knock that Six Apart has become successful – more power to the company! This is to make a point that we can no longer judge the use of any product, even the ‘free’ ones, from Six Apart, as if they are given to us by Ben and Mena, sitting in their apartments, writing the code in their spare time.

I have heard some good and valid defenses of TypeKey from sites who plan on using it, or some other form of comment registration and authentication because of the nature of topics covered at their sites. These people can attract all sorts of racist and bigoted people, and they want to ensure that if a person is going to make comments such as these, they can at least be authenticated to an email address.

But much of the pushback against those of us raising technical and social concerns has been based on a personalization of the technology and the Six Apart company.

In the MeFil thread on TypeKey, one person wrote:

SixApart is the Apple of the blog world–they take the time during development to make robust, stable apps (TypePad and MT are both solid, and both spreading like wildfire as a result) and they do it with enough style and digital sex appeal to make it consistently-appealing (if not downright Pavlovian) to the crucial early adopter set.

So naturally, let the chorus of haters begin.

Just so long as the haters are Typekey-authenticated, of course.

Another wrote:

Really, who can argue that a centralized, secured, open registration system for weblogs is better than distributing a registation system into thousands of individual weblogs that never update their software? It just doesn’t make sense. Think of all the fun customer support issues that could arise from handing loud bloggers a complicated registation system. Besides, everyone loves typing their information into weblogs over and over again.

Of course, it’s not like there blogging systems out there that are focused on small closed communtities. Well, there’s livejournal, but they don’t meet my exact needs either. I mean, why should I have to switch blogging software or do any work when Six Apart should be reading my mind and meeting my needs exactly for free.

Don’t they realize that the people that read my site are so dumb that though they can use a computer, check email, and surf the web, there is no possible way they could remember a username and password. No other website makes people remember a username and password!

What is this world coming to when companies try to plan ahead and think broadly instead of catering to the loudest whiner? Egads, you’d think that I’m not the most important person in the world.

Why the sarcasm? Why the issues of hatred?

The problem is that we can’t discuss this from a technical perspective because we’re talking “Ben and Mena” here, and there are a lot of complicated factors in work. There’s Six Apart’s support for Atom when others have supported RSS; there’s the fact that Ben and Mena are, were, are webloggers just like the rest of us; that they provided Movable TYpe for free, and did start out by coding in their home, in their spare time; there’s the fact that a lot of people have met Ben and Mena, and like them, and I’m sure they are very nice, and personable.

But Six Apart is not ‘Ben and Mena”. Being critical of TypeKey is not attacking Ben and Mena. And choosing to use TypeKey should not be based on trusting Ben And Mena.

Personalizing the Tech: the social in social software

It’s not surprising that a personalization of the TypeKey has entered our discussions. The thing with social software, such as weblogging software, is that personalization will always be one of the factors in its design, no matter how much we try to ‘de-personalize’ the tech.

With TypeKey enabled at a weblog for all comments, either you register with this centralized service, or you don’t comment. But if we have good comment management and good throttles enabled to prevent comment spam, why would we use comment registration such as TypeKey? I’ve read that it’s to prevent comment spammers, but we know with current workarounds that we don’t need registration to manage comment spammers.

From what I’m hearing, now, that’s not the issue for registration. People are talking about filtering out ‘negative’ comments, and commenters who say ‘hateful’ things. The Six Apart FAQ talks about this:

Now Alice goes to Carol’s weblog. Carol also allows comments by registered users only. Alice signs in using her existing TypeKey account and posts a comment to Carol’s weblog, which goes into Carol’s moderation queue, because this is Alice’s first comment on his weblog.

But Alice hates Carol, so she left a nasty comment! Carol receives the comment via email, doesn’t like the tone of it. So she logs into Movable Type and bans Alice from posting comments to his weblog.

Damn, folks, but nasty is relative. Since the beginning of this year I have been labeled as vicous, nasty, rude, negative, and about everything you can think of. Not because I’m using names, or even personal attacks, but because I have used a specific tone of voice, or an abrupt way of speaking; I have used sarcasm and satire in responding; I have said negative things about what a person has written. Recently, a tone was even implied because I used the person’s last name, rather than their first to address them!

(As a personal aside, am I getting tired of passive aggressive types chastizing my behavior, as if they were Mom or Dad, and I the wayward child? You god damn right I’m getting tired of it. More on this in a later writing.)

Now any comment registration system will keep me out of a weblog, and TypeKey is no different than a local system. I’m not making a statement against TypeKey, now, as much as I am against comment registration; against a growing trend that I’m seeing within the weblogging world to put up barriers and filters around our spaces so that we may control not only what’s discussed within our writing, but within the comments we attach to our spaces.

Combine this with never linking to contrary viewpoints, or disparging same based on some group affiliation or at the behest of some A-lister who we’re sucking up to, and eventually we can still the voices and if we’re successful enough, the people speaking will lose heart and just go away and leave us alone.

Is this where we want to go with this brave new world?

Never say never

In my one weblogging post, I deliberately used a provocative title of “Patriot Act of Weblogging” to discuss TypeKey, and I received criticism for this, as I expcted. However, for the most part, the reason why I used this title seems to have been lost.

In my opinion, the Patriot Act was an overcompensation based on fear and a reaction to being attacked. Through it our freedoms have been curtailed, though many people feel that the added security is worth it. To me, TypeKey is based on the same principles, though of course the similarities between events are far, far different. There is no horrible and sudden loss of life, and no frightening and insiduous curtailment of civil rights, and my use of this term should be, rightfully, called on because of this.

There is a hint, though, of the same overcompensation – a reaction against being ‘attacked’, a pulling in of our heads, like the turtle into its shell, an all or nothing to both events that when I first read the TypeKey announcement, my initial reaction was that it was the Patriot Act of weblogging.

(All or nothing. Hmmm. Sounds like a good title for an essay on communication and barriers, doesn’t it?)

TypeKey is all or nothing. Not using TypeKey in my weblog doesn’t end TypeKey’s influence on me. I said I would never register with TypeKey, which means never commenting at TypeKey enabled sites. Never say never, the saying goes, but for me, never means just that – never.

Feel free to TypeKey protect your comment systems and know that I for one will not be commenting there, and perhaps that makes you even happier about TypeKey. Of course, I’ve also instigated lively discussions in your comments at times, or about your posts, but that’s beside the point. The important thing is that you have complete and utter control over who says what in your space, and that’s all that matters.

Be nice, or be gone

Be nice, or be gone someone said to me recently.

Odd thing, weblogs and comments. We say to each other, “Our weblogs are our homes and we should be able to control what’s said in them”. Yet, they aren’t our homes, are they? You don’t keep your door open for anyone to just walk in to your home, do you? Weblogs are published online supposedly because we want a broader audience for our thoughts and writing then just our friends and family.

They aren’t really our ‘homes’, and the analogy fails in so many ways, but they are our spaces, so we have a right to control them and hold people who comment accountable, don’t we?

But who holds us accountable? I’ve seen again and again, the weblogger write the most inflammatory material in an essay, and when you respond to the tone they set in their writing, or to their responses to your earlier comments, you’re told to be nice, or be gone.

We say, commenters should be held accountable for what they say. I say, but then, who holds the weblogger accountable?

Be nice, or be gone.

I guess I and all the other troublesome, negative, critical, contrary, rude, nasty, vicious, and dissenting voices that you see as graffiti on the wall will be gone, and though we can write in our own weblogs, we’ll never be part of the conversations. Free to speak, true; but not to be part of a discussion; on the outside looking in through the window at the party, trying to be heard through the thick panes. After a while though, shouting in the street gets discouraging and disheartening, and perhaps some day we’ll just be gone for good.

Just think, though: when we’re gone, you won’t need TypeKey. That’s great, isn’t it?

Photography Plants

Day at the Gardens 2








Photography Plants

Day at the gardens





Technology Weblogging

TypeKey scavenger hunt

Recovered from the Wayback Machine.

More information about TypeKey and comment management incorporated into Movable Type 3.0 is appearing, but it’s appearing in bits and pieces in certain weblog comments.

In BuzzMachine comments Mena Trott wrote:

Our announcement about the TypeKey service was focused on the TypeKey service, not the way we’ll be handling comment registration. But, without going into too much detail, I will say that we’re not starting this service in order to police or ban users. From a liability standpoint alone, it doesn’t make sense. Movable Type 3.0 has a robust comment registration system that allows the user to ban or accept users on their own weblog. TypeKey is a way to say “this person has an account and has entered a verfied email”–now you, as the weblog owner, will decide how you will handle this commenter.

We operate in California, a state where the legal system advocates personal privacy. We feel the same way, so of course, we’re not going to be providing a public list of all the blogs you’re commenting on without explicit user approval.

And regarding the subpoena issue: While Ben and myself founded Six Apart and the company still reflects our vision, we are a company that has counsel and if and when these situations come up, we follow legal guidelines. This certainly doesn’t mean just handing over user data.

Six Apart didn’t just decide to create TypeKey on a whim. We weighed the pluses and pros of both decentralized and centralized registration. Believe me, the decision didn’t happen overnight. Ultimately, the need to not sign up on every weblog you wish to comment on and the ability to say that your TypeKey identity is your own (rather than having decentralized comment registration where someone could possibly snap up your identity on a particular weblog) were two of the major issues that made us choose a centralized authentication system.

We’re going to want to compile a list of questions that people may have and add those to our FAQ. But, ultimately, we’ll want to get the product out of alpha before answering too many speculative questions 🙂
Posted by Mena Trott at March 20, 2004 03:16 PM

I can respect that Six Apart is in the middle of a development cycle, but the architecture for TypeKey is obviously designed, and the topic has been introduced with just enough information to cause confusion and concern. I’m not sure that waiting to answer questions is a feasible idea for the company. Nor is putting bits and pieces of additional information in some weblogs.

Mena is saying, “Trust us”, and asking us to trust her and Ben because they’ve been a part of this community, and have been helpful in the past, and have provided software for free for many of us. I imagine that many of you know the Trotts personally, and are very uncomfortable when talking about ‘trust’ and ‘abuse’ when referencing them.

But TypeKey is not ‘Ben and Mena” – it’s Six Apart, a company, as both the Trott’s have stressed, that has impacted on their communications and their decisions in the past. A company that the Trotts could decide to sell for a couple of million tomorrow to some major international corporation, and more power to them.

John’s Jottings has pulled together several other weblog entries on MT 3.0 and TypeKey, and it was through his effort that I found out Jay Allen has bought into TypeKey as a solution, and is discontinuing future mt-blacklist updates. As he writes:

When I saw the original feature list, I was highly skeptical that this release would solve the problem. However, SixApart did such a fantastic and elegant job of looking at the problem from a wider perspective that I was instantly won over. This new version completely solves the problem of control over outside submission to one�s blog in such an elegant and powerful way that I myself was astounded.

I can understand Jay wanting to move on – he isn’t paid for mt-blacklist other than through donations. And I’m also not surprised that he would favor a system that would basically prohibit comment posting unless you authorize the person making the comments, and the person has been ‘authenticated’. As with blacklisting, better to lose a few good comments, then run the risk of comment spam or trolls. Which means comment registration and an authentication service, which is TypeKey.

But many of us have never been comfortable with the blacklist feature of MT-blacklist, because as we’ve seen, it was abused and legitimate URLs were added to global blacklists. What we liked, what I liked, was Jay Allen’s nicely elegant email integration for managing comments, and his global comment deletion and entry re-build feature. With enhancements added to throttle the individual DoS (Denial of Service) attacks we’ve suffered from poorly designed comment spam systems, or deliberately from script kiddies, we’ve managed to gain control for the most part on our comments, with only a little effort on our part.

It does sound like some of this has been added to Movable Type 3.0, as I discovered when Ben Trott added a comment to


TypeKey is definitely not the only new feature in MT 3–it’s only a part of the release, and in fact, in our original announcement at it was barely even mentioned.

But as you said, comment registration is not for everyone, and to help out folks who don’t want to use it, we’ve also vastly improved MT’s comment management functionality: you can now look up “all comments by this author”, “all comments from this IP address”, etc, and bulk delete those comments. This is really powerful when combined with comment registration, of course, but even without using comment registration, the tools are much more powerful than in MT 2.x.

With regards to scalability: we’ve now implemented one of the major scalability improvements in TypePad into Movable Type–speeding up the archive list generation by using the MySQL or PostgreSQL processing engine rather than MT.

Finally, as far as features go: another one of the major changes in MT3 is the callback interface, which exposes much more of MT’s internal processing to plugin modules. This allows plugin developers to build large application functionality on top of Movable Type, and we’re hoping to see some really interesting tools get built, because we know that by this point, when there are hundreds of plugins up on , there are many people besides Six Apart building interesting things with Movable Type. 🙂


I think from this we can infer that if you use comment registration in Movable Type 3.0, you have to tie into TypeKey – there is no separate solution.

Of course, I’ve already been talking with another developer about hacking the code to either use locally-based authentication, or no authentication, and I’m sure others are thinking the same – which means we have yet another round of hacked code so that we don’t have to tie into this centralized authentication scheme.

On a MeFi thread, Matt Haughey says of TypeKey:

It seems on the surface to be a sort of weblog-world Microsoft Passport. I once had a chat with the original creator of Passport, face-to-face, and he asked why I didn’t use it for MetaFilter (since it would eliminate a lot of programming for user management). I stated that I didn’t due to security risks, the integrity of the data, and the inherent mistrust of the company behind it. I believe Six Apart has to deal with the same sorts of issues, but I trust their security is tight, I trust that they won’t do evil things with our data, and I trust them as a company.

I think this is a good option for people that are currently turning off their blog comments due to the deluge of spam. If the choice is no comments vs. register with Typekey comments, we as readers and owners win if Typekey is adopted. Heck, I’m tired of deleting the 1 or 2 a day that show up to my open commented Typepad and MT blogs and will seriously consider moving to registered comments only for those blogs.

There is definitely a danger in having a central store of data and taking any actions against accounts in that central store. I hope that Typekey is as transparent as possible in what they do to abusive accounts and why they do it. Of course this is all based on that single info page – perhaps typekey will never ban users system-wide and it will be up to site owners to ban users one by one (though it would be nice if there was a trusted central spammer db like mt-blacklist). But the danger is that if one person is accidentally banned from typekey comments, there could be a lot of problems.

To me, deleting one or two comments a day, especially if the tools are easy, doesn’t bother me. I figured it’s the cost of doing business, and worth it to keep my comments open for those good, but anonymous, comments that come my way every once in a while. As long as throttles are in place to prevent my system from being overloaded and taken down, and I have a good mechanism to clean up my comments, I won’t need or use registration, and hence wouldn’t need TypeKey on my site.

Besides, didn’t I say I wasn’t going to continue using Movable Type? So what’s my problem?

My problem is that TypeKey impacts on me outside my space. If other sites implement TypeKey, and I refuse to ‘register’ with some form of centralized authentication service, I can’t comment in their spaces. If other tools buy into the open API (information of which is only available after TypeKey is released), and incorporate TypeKey into their tools, then the number of sites I’ll be able to comment at, will shrink.

Not only will I, who you can assume is an ‘authenticate’ person, be restricted from joining open conversations on comment threads, but the flavor of comments will begin to change, and I can’t see this as a good thing. It seems to be popular behavior, now, to sneer with disdain at the misfits that clutter our comment spaces. Not surprisingly, another opinion I don’t share, and probably not shared by the majority of people who would like more responses to their writing, not less.

I’m writing a longish essay, which I hope to finish soon (yeah, yeah, so who’s the tease now?), on comments and communication and ‘proper’ behavior, and yes, even incorporating subjects as diverse as Howard Stern and AKMA’s signification and accountability. (Though I am not a philosopher, and usually find when I ruminate on AKMA’s more learned discussions that I’ve found a po’man’s interpretation of the subject matter, and have attached to the bright and shiny thread in the discussion rather than the more complex and hence richer aspects, most likely to the pained reading by one and all.)

In the writing one of the points I hope to make is that even negative statements have their place in communication. Yes, even a troll can serve a purpose, if by trolling they force people into defending what are deliberately provocative statements, weak assertions, and unfounded assumptions. We are in danger of filtering all passion from our interactions with each other. Why have comments if everything we say boils down to the safely, ‘Indeed’, and ‘Indeed not.”

Whether I use Movable Type or not, TypeKey impacts on me. So I continue to push about it. And to be frank, Six Apart does have an architecture in place for comment management in Movable Type 3.0, and I think they really need to provide a detailed look at this sooner, rather than later. Hints and teases, and promises of ‘more later’, are only going to make things worse, rather than better.

In the meantime, if you know of any other weblogs where any member of Six Apart has left comments, please drop me a note in comments, or send a trackback ping to this posting (you don’t have to link me to do this.)

(Morbus Iff has a good comment at his site about the implications of DDoS (Distributed Denial of Service) attacks against TypeKey:

If TypeKey proves effective, it won’t be able to stand up to a DDOS attack (if Microsoft, Yahoo, and eBay can’t, what makes us think that Ben and Mena will?), and while it runs around figuring out router filtering rules (ha, ha, ha), blogs will be as susceptible as they were before (well, that really depends on MT: if TypeKey is down, will it deny or allow all comments?))

Again, and yes, this is speculation based on what Ben has said, to take it with a grain of salt: but my impression is that TypeKey is used when a person registers with a site, to authenticate that person’s access to comments. I get the impression that it’s not used for every comment, only for the registration process. If true, this would eliminate some of the technical problems – but leave a lot of social issues still unanswered.

But then there’s that ‘login once, comment everywhere’ statement. Gah!

Frankly, mentioning something like TypeKey without being ready to provide details was perhaps not one of Six Apart’s better ideas. Stay tuned for when more information is released.