How to Share a Social Network

Euan wrote about this on Nascent, but I had a post planned as well. Basically, the question is: in order to transfer a social network between sites, "How do you share a list of email addresses with an untrusted third party?"

The scenario is that you're running a site with user accounts, and users want to export their social network. The problem is that you don't want to expose the email addresses of a user's contacts either to the user themselves or to the third-party site.

If all the people involved have public URLs then you can use these as identifiers and expose them as XFN, as used by Google's Social Graph API. (Note: can an OpenID URL be considered public if someone used it to register or sign in without an email address?)

Facebook Connect, on the other hand, asks you to hash all the email addresses, which are then compared to a table of hashed email addresses of all their users. The problem with this method is that there's a single hash key for all addresses (if the receiver had to compute hash tables on demand it would be too expensive), so a given address always produces the same hash. It would therefore be easy to create a lookup table for all possible email addresses up to a certain length and use this to decode the hashed addresses. Perhaps your users might not object to your giving their email addresses to Facebook, but it could just as easily be any other, less reputable, site. Sharing email addresses in this way may also run counter to assurances of privacy given to users during sign-up.
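The lookup-table weakness described above, as an added example (not code from this post or from Facebook): the receiver's intended join against its member table and the reversal of non-member addresses are the same operation, and a per-export salt only defeats precomputation. SHA-256, the normalisation, the function names and the example.* addresses are assumptions constructed for illustration.

```python
import hashlib

def digest(address, salt=b""):
    """Digest of a normalised address (SHA-256 assumed; the post names no algorithm)."""
    return hashlib.sha256(salt + address.strip().lower().encode("utf-8")).hexdigest()

def build_table(addresses, salt=b""):
    """Digest -> address lookup table; costs one hash per address."""
    return {digest(a, salt): a for a in addresses}

def exposure(exported, members, candidates):
    """Split exported digests by what the receiving site can learn from them."""
    member_table = build_table(members)      # the intended join
    guess_table = build_table(candidates)    # same join, against guessed addresses
    report = {"members": [], "recovered_non_members": [], "unresolved": 0}
    for d in exported:
        if d in member_table:
            report["members"].append(member_table[d])
        elif d in guess_table:
            report["recovered_non_members"].append(guess_table[d])
        else:
            report["unresolved"] += 1
    return report

def salted_check(contacts, members, salt):
    """Matches found with a precomputed table vs. one rebuilt for this export's salt."""
    exported = [digest(a, salt) for a in contacts]
    precomputed = build_table(members)       # built once, without the salt
    on_demand = build_table(members, salt)   # must be rebuilt for every export
    return (sum(d in precomputed for d in exported),
            sum(d in on_demand for d in exported))

# Constructed sample data (example.* domains, not real accounts).
CONTACTS = ["Alice@example.com", "bob@example.org", "carol@example.net", "dave@example.com"]
MEMBERS = ["alice@example.com", "erin@example.org"]
CANDIDATES = ["bob@example.org", "carol@example.net", "frank@example.com"]

def demo():
    exported = [digest(a) for a in CONTACTS]  # what the exporting site uploads
    return exposure(exported, MEMBERS, CANDIDATES)

if __name__ == "__main__":
    print(demo())
    print(salted_check(CONTACTS, MEMBERS, b"export-42"))
```

Because the receiver has to be given the salt in order to match at all, salting raises its cost per export but does not hide any address it can guess.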

The only completely secure alternative I can think of, while still using email addresses as keys, is something like Google's Friend Connect, where the social network is handled centrally and all connections between people are mediated through one system, so no private identifiers ever have to be passed around. That doesn't bode well for data portability, though, and presumably that's an extra reason why OpenID is considered useful - as a shareable, public identifier around which networks can be constructed.