Kurt McKee

lessons learned in production

Hey there! This article was written in 2008.

It might not have aged well for any number of reasons, so keep that in mind when reading (or clicking outgoing links!).

Capturing comments

Posted 13 February 2008

I stopped using coComment for a long while, and that turned out to be a mistake: I stopped commenting on others' content altogether! I'm back on coComment, and I'm loving it. If you visit my user page, you'll see that I'm actively commenting in many places.

One of the biggest problems I have with commenting is that my comment (that is, my copyrighted content) is no longer under my control. coComment gives me the ability to capture my words and store them away safely. However, it doesn't go far enough (and can't). In particular, I want to have a little signature at the bottom of my comments that points back to my own site, to the original comment, together with a GPG signature.

So, for example, I might go to Andy's blog and leave a comment that says "Maintain your blog!". Before submitting the comment to his blog, it would receive a unique identifier from my blog, get cryptographically signed, and then get submitted to his blog.

I've also considered that some sites might not like a link at the bottom of the comment; that's why it's unlikely that the little signature at the bottom of the comment would be a direct link to my site. I've also considered making the entire thing a block of text that search engines would treat as a single entity, so that the signature could be searched for easily. Perhaps it would be along the lines of kurtmckee.org-comment-4238.

I do wish that blog systems supported cryptographic signatures in a smart way. OpenPGP and GPG can help establish identity because they intrinsically depend on a web of trust. Building such tools directly into blog systems seems like a good way to help people interact with trust. I could be wrong, but those have been some of my recent thoughts about commenting.