DISQUS

That's the right approach-- focus on the user scenarios and making the user experience right. The engineers can then work their magic to support the requirements.

The idAuth idea plays nicely with the "commenter's bill of right" posted over at Disqus. To enforce these rights, a system of definitive comment ownership is needed.

http://bigheadlabs.com/~daniel/draft/acommenter...

Things are headed in the right direction!

I like the idea-- it's a step towards giving me control over all content I publish/contribute on the web, whether a blog post or a blog comment, a photo, etc.

I'm not a member of SID, so not sure what's being discussed, but the cookie idea can be problematic since the blog comment system will be unable to read cookies set by the aggregator (unless they are in the same domain). This is why federated auth systems implement an intermediate redirect, passing encrypted information in the querystring and ultimately two cookies get set, one in each domain. (Or backend web-service calls are made.)