Getting OpenID to work – when oh when?

Joseph Boyle who came to our identity panel at sxsw and then joined us for lunch has been sharing with me some of his OpenID challenges. These happen all the time – ALL THE TIME. Thing is – he is a tech guy and he still can’t get any of this to work. I asked him to document his challenges so I could share them with you – he sent this to me and O’Reilly tech folks (that was where he was trying to login)… I am hoping that these UI issues can be resolved soon.

I was going to sign up at:
https://en.oreilly.com/webexsf2009/user/account/signup/attendee#
and saw a Sign up with an OpenID option. Since I’m interested in OpenID, I thought I’d try to use an OpenID associated with one of my Yahoo or Google accounts, but this is proving more difficult than I expected.
I did manage to find Yahoo’s page for turning on OpenID support for my Yahoo account and did this, getting response:

Feeling geeky?
When you log in to a website that supports OpenID login we’ll send your OpenID identifier to the website so it can identify you.
To make things easy, we have generated this identifier for you:
https://me.yahoo.com/a/T_HpXDQkssQpI_sR……………………..
You don’t need to save this identifier. While logging in to websites, you can simply look for a Yahoo! button or typeyahoo.com in the OpenID text field. You can also choose additional custom identifiers for your Yahoo! account below.

Not geeky enough, apparently, as pasting the Yahoo-provided identifiers into your OpenID box gives errors:
Unable to find OpenID server for ‘https://me.yahoo.com/a/T_HpXDQkssQpI_sR…………………….’Unable to find OpenID server for ‘http://www.flickr.com/photos/josephboyle’
Help! What am I doing wrong? Thanks, Joseph Boyle

Identity Panel & Lunch at SXSW

I am really excited to be heading to Austin tomorrow for SXSW Interactive. After attending for 2 years in a row I didn’t attend last year and watched as all the tweets went by – wishing I was there.

I am facilitating a panel on Sunday morning 11:30 – it should be a lively one. OpenID, Oauth, Data Portability and the Enterprise.

It will be moderated by me, Identity Woman and include these find panelists, Bob Blakely The Burton Group, Danny Kolke Etelos, Inc., Joseph Smarr Chief Platform Architect, Plaxo Inc

The debate over identity, data and authentication is gaining ground in the social networking world. The more difficult discussion regarding enterprises and Web 2.0 has yet to start. Businesses realize that they must protect the data of their company, employees and customers. Join brave leaders from several Web Application companies that are beginning the discussion, “Are OpenID and OAuth good for the enterprise?”

Following there will be a Lunch for all those who want to continue the conversation – you can RSVP here.

There is a Project VRM Breakfast on Saturday morning (we figured that at least that morning people would be able/willing to get up early).

Monday for lunch I am inviting women interested in learning more about She’s Geeky to get together.

I will be tweeting away – and this is a good way to find me while I am there just DM me.

I will do some schedule browsing and post sessions related to identity tomorrow.

OpenID Momentum continues

Dave posted today on the OpenID.net blog articulating the accomplishments of the past year.

I think it is important to acknowledge the significant progress OpenID as an Open Standard for persistent digital identity across the web has made. It is amazing to think how far it has come in 2.5 years since IIW1.

Recently I was talking with a person knowledgeable about the identity community and OpenID in particular – they mentioned that some of the conversations amongst those running for the board didn’t help the community look “good”. I said to them you know a lot of communities have elections and there is 6 board seats open and 6 people running for them – so there really isn’t a dialogue, public conversation that has texture (a different word for conflicting points of view). I celebrate a community that can dive in and engage with a range of points of view and really have a meaty dialogue. This is to be celebrated – the pains of growing up.

Wired just did a detailed article on OpenID’s and Blog commenting. It closed with this… NB: Before you race to point out the irony that this particular blog doesn’t support OpenID logins for comments, I can assure you — we’re working on it.

It also said this:


It’s easier for blogs, which don’t need a lot of demographic information about a user, to let people jump in and start participating socially without filling out a registration form. Major media properties and newspaper websites, on the other hand, want age and income data they can use to sell more targeted ads. OpenID and its companion technologies have mechanisms for sites to collect that data from their users, but those mechanisms are largely left out of the blog commenting systems.

It makes me sad to see this. I was just signing up for a topica list – it asked me for my gender the year I was born and my zip code. It is trying to figure out who I am. What I don’t think is well understood is how information sharing happens over time. Asking people to give away PII (personally identifying information) to look at a newspaper is bad practice and encourages lying.

Does OpenID meet P___/Activist test yet?

Beth Kanter one of my favorite nonprofit tech friends Twittered this article The Cute Cat Theory Talk at eTech.

It puts forward an interesting hypothesis:

Based on my Tripod experience, I’d offer the hypothesis that any sufficiently advanced read/write technology will get used for two purposes: pornography and activism. Porn is a weak test for the success of participatory media – it’s like tapping a mike and asking, “Is it on?” If you’re not getting porn in your system, it doesn’t work. Activism is a stronger test – if activists are using your tools, it’s a pretty good indication that your tools are useful and usable.

The article goes continues summarizing a half dozen or more examples of how tools on the web have been used for activist purposes. It is an amazing list and worth the read.

I guess I am wondering if OpenID has been used for activism yet? I know that I have been evangelizing the concept in the NPTech community for longer then anywhere else – beginning at NTEN’s Nonprofit Technology Conference (NTC) in 2004. I am still not sure that it has sunk in or that they have figured out how to use it. Unfortunately I will not be at the NTC this year to find out.

Sorry – I am really trying to get openID to work on this hoster (well my tech person Lucy is) there is still something not working. So if you want to comment either link to this blog post and say it on your own site or send me e-mail kaliya (at) mac (dot) com. If any of you OpenID tech folks want to see if you can help her solve the problem let me know I will put you in touch.

What the Heck is Identity Commons?

The purpose of Identity Commons is:

The purpose of Identity Commons is to support, facilitate, and promote the creation of an open identity layer for the Internet — one that maximizes control, convenience, and privacy for the individual while encouraging the development of healthy, interoperable communities.

This one sentence jams a lot into it – we tried to do that so the purpose didn’t go on and on – but was clear, broad and inclusive of the range of issues that need to be addressed and balanced. Jamming so much into that one sentence also creates a challenge – it has to be ‘parsed’ quite a bit to get what it all means. I worked with Chris Allen recently to separate out the values within the purpose and our community. This is our initial draft that is still evolving (wordsimthing suggestions are welcome).

We believe in the dignity of human individual in the context of the digital world.

In order to make this true we strive for a balance of factors and valuesas digital systems and tools evolve:

  • Individual control, convenience & privacy
  • Sharing of information when participating in community
  • Support for commercial and non-commercial exchange
  • Interoperability and openness between systems

We work to bring these values into practice by fostering a collaborative a community of individuals, organizations and companies share these values and are working together towards practical technical implementations.

We share a pragmatic idealism.

We work to practice what we preach and have openness and transparency in what we do.

We do know there are a lot of technical social and legal issues that arise and Identity Commons is a space that make it possible to in a non-directive non-hierachical way address them in a collaborative way.

We also have some shared principles mostly concerning how we organize ourselves and work together. Each has a sentence to articulate it further.

1. Self-organization
2. Transparency
3. Inclusion
4. Empowerment
5. Collaboration
6. Openness
7. Dogfooding

What the heck is an “open identity layer” – well we don’t exactly know but we do have a community that has come together some shared understanding and continue to ‘struggle’ with what it means and how it should work. Identity Commons provides a ‘common’ space to work on this shared goal by facilitating dialogue and collaboration.

Kim Cameron introduced the terminology “identity meta-system” and articulated what that might mean. The Laws of Identity were put forward by him along with some additional ideas by other community members.

There is no “decider” or group of deciders or “oversight committee” as part of Identity Commons ‘directing’ the development of the “open identity layer”.

We are a community collaborating together and working to exchange information about our independent but related efforts working towards the vision. The way we do this is via the working group agreement.

  1. Asking each working group to articulate its purpose, principles and practices by filling out a charter – this helps us be clear about how different groups work and what they do/are planning on doing
  2. Stewards review proposed working group charters – ask questions, consider were there are synergies, and see if they are aligned with the purpose and principles
  3. A vote of the stewards council is held
  4. Working Groups agree to report quarterly on their activities to remain active as groups of the organization – this also is our core ‘inter group communication mechanism – so that you don’t have to be on 20+ mailing lists to know what is going on in the community.

More about Stewards:
Each working group has one steward and an alternate for the stewards council.

The stewards are responsible for the things IC holds in common – the brand and its integrity and common assets (like the wiki and bank account). It does not ‘direct things’.

Stewards have (an optional) monthly phone calls and discuss and make decisions on a mailing list (that anyone can join).

More about Working Groups:
There are working groups within Identity Commons that support the community collaborating – the stewards council does not ‘run’ these groups but they serve the community and our efforts together- The Internet Identity Workshop, IC Collaborative Tools, Idnetity Futures, Id Media Review, Identity Gang, Marketing and Evangelism.

Working Groups come in several forms:
They can be an group of people with a passion to address something they feel needs to be addressed to get to the big vision. They want some wiki space and a mailing list to talk about the issues. Examples include Enterprise Positioning, Inclusive Initiatives, Identity Rights Agreements.

They can be an existing project that are part of a larger organization, Higgins is an example of this – they are a project of the Eclipse Foundation.

They can be something that grew out of conversations in the Identity Commons community and found a home within another organization like Project VRM (charter) has as part of the Berkman Center and will likely become its own ‘organization’ independent of Berkman by the end of the year.

They can be completely independent nonprofit organizations with their own boards, governance, bank account etc. examples include XDI.org and OpenID.

Some just get technical stuff done as part of IC like OSIS (doing its 3rd Interop at RSA in a month), and Identity Schemas.

Benefits to being explicitly a part of the IC Community.

clarity about each groups purpose, principles, and practices – so that collaboration is easier.

sharing of information via the collaborative tools and lists, along with the required quarterly reporting,

We “don’t know” what an identity layer looks like but we do know it needs to have certain properties to make it work for people the extensible nature of IC gives people the freedom to start a new group that addresses an aspect of the vision. This is the page on the IC wiki that explains our organizational structure.

We are a community.
We are a community more then “an organization” and joining does not mean subsuming a group identity under IC but rather stating a commitment to a shared vision, common values and commitment to collaboration.

A touch of formalism can help create great clarity of group pratices (governenace), leadership, intention, and focus. Not needed for small groups of 12 people doing one thing- helpful when you scale to the 1000’s of people working on the big vision. IC through its groups structure has 1000’s of people participating helping to innovate the technology and think about the social and legal implications.

We are not about “a solution” or “a blue print” there will be multiple operators and multiple standards – yes like the web there may one day be ‘standard’ that emerges just like TCP/IP did and HTML/HTTPS – however it is way to early to promote or be behind “one” thing, it is not to early to start collaborating and building shared meaning and understanding and interoperability between emerging efforts.

Identity problems in the digital realm are as much about technical issues as they are about the social implications and legal issues. Identity Commons explicitly makes space for the social and legal issues to be deal with in relationship to the technologies as it evolves.

In closing there is a background (shorter) and a history (longer) written about the community as it evolved.

URL’s are cool.

Apparently some people think that I don’t like URL’s. I truly think they are great. I have since the first I heard about them. I am very excited that this model for doing SSO now exists. I think the model is very empowering truly (except for the domain name part) decentralized. I think it will be great for millions of web literate folks. Weather they have their own domain or if they just have a blog and use that URL. The way wiki travel is doing it to support interop between the different wiki travel sites is cool too.

I want to see this model flourish.

It is true that I am also not a technical person and I don’t think that they will work for ALL people (they will work for many millions of people). This is a Yes AND situation. The AND is I don’t think it will work for ‘everyone’ and particularly the user communities that I got inspired to try and build social networks for the Spiritual Activists. There are lots of web-literate folks on this list who can weave their way through domain naming and setting up stuff on their servers. I feel that part of my role is to speak up for those who are less technically savy and what could work for them in a ubiquitous identity layer. I would like to see the diversity of identifiers and ways of doing SSO flourish under OpenID. I really want a ubiquitous user-centric identity layer that can serve a diversity of people.
I had a conversation with a friend of mine yesterday. She is in her 50’s and we talked about the different things going on in our professional lives. I shared a little bit about what was happening in OpenID. I told her about this new way of doing SSO with URLs and that in the universe of possibilities there was also i-names. She said to me that she thought the URL thing would never work for her mother. That is who I care about…her mother. So went I say I like i-names and I think they will work as a way to for spiritual women over 45 to use these systems I really am just talking about those folks in a different part of the web. Who normally don’t have non-tehcnical allies on their side as these things are formed thinking about what might work for them in a ubiquitous identity layer.

Please don’t take what I say as against anything else that lives under the OpenID2 umbrella. I really love the fact everyone has found a way to cooperate despite their different angles. It gives me great optimism for the future of the web.

Corporations plan to contribute Open Source OpenID

This was a great to see from James McGovern:

In terms of my own planned 2007 contributions to open source, I will be commiting to contributing to the authorization specification as part of the OpenID community. The funny thing is that I will be going against my better judgement in that enterprises tend to desire to contribute to things that are measurable like implemented software as we really can’t do anything with ideas alone. Ideas need to be turned into software. What I fear the most is folks from Sun such as Pat Patterson, Sara Gates,Simon Phipps, Robin Wilton, Don Bowen and folks from Microsoft such as Kim Cameron and Jason Matusow openly supporting initiatives such as OpenID but not taking deliberate steps within their respective employers to actually implement the OpenID specification and any resulting authorization enhancements. I too am somewhat constrained in that the perception of anything that isn’t implemented will be perceived as an academic exercise that was a waste of time that will put the ability to contribute to open source projects in the future at risk…

XFN, Liberty 2.0 and OpenID UX

Eran Sandler has two great posts about identity and OpenID. One links to my post on “the network of Me.” He asks if we can do ‘creative things’ with XFN and identities. I personally don’t want my identifier in anyone else’s XFN file. I want to be asked by the person if I want my relationship with them expressed in a new context. All our relationships do not exist in all contexts….there is however often a lot of overlap between people with whom we share multiple contexts – making these relationships traverse contexts in a privacy protecting and non-annoying way is the challenge. I hope that people interested in how identities, social graphs and social portability will go to the Free Liberty 2.0 meeting on January 22 to learn more about their proposed open standard for this.

He also blogs eloquently about the still emerging challenge of UI and OpenID adoption.

I keep on seeing two distinct ways that are common in such sites/services (at least in the sites that I’ve visited).

The first, is to separate the OpenID handling to a different page. In that page the process of sign-in/up is actually the same. If this is your first time of signing in with your OpenID it will actually transform itself to a sign-up process and may ask you a couple of questions and may interact with your OpenID provider.

The second, OpenID is integrated only in the Sign-In screen. If you sign in with an OpenID for the first time you will actually get a sign-up process and you may be asked a few questions and have an interaction with your OpenID provider.

The best place, of course, is to have OpenID in both the Sign-In and Up screens, if a user that do have an OpenID reaches any one of these screen the scenario of signing in for the first time (or not for the first time) will work no matter when he is.

What do you think? How would use design these processes that will still fit to your site/service and still support in a clear and obvious way OpenID?

There is an emerging community that is focused on User Experience. I hope that Eran and others who care about this join up. We need all the UX brains we can get on this not easy to solve puzzle.

Why i-names? I think they work for my people.

There is a follow up post here on how URL’s are cool.

It is no secret that I happen to like i-names. They are an open standard that I think has a lot of promise to help people have more control of their identifiers on the web. I will start out with a story and go on to a few practical reasons why.

I first ‘got into’ identity it was 2004 and I was helping spread the word about the upcoming Planetwork conference – where we were going to demo a really early clugy version of i-names doing SSO between 3 systems AND talk about the Identity Commons and how it could evolve. I got my first ever VOIP phone call from Owen who was in Greece and he sent me all their documentation to date- so I could write a summary for the brochure and website. (Over the holidays I went through papers and found the folder where I had printed out all that old stuff it was fun to reflect back and realize how much had changed since then. ) I wrote a great one page summary and they liked it a lot – it was the best conscious articulation about what they were doing they had seen. This was a year after that Augmented Social Network White Paper was published – I had read it and absorbed it throughly and wanted to ‘build’ that vision for my community.

I don’t just abstractly care about this stuff. I want people and communities that I care about to have identity services that meet their needs and make them more effective in the world. In 2002 I founded a project to build such networking tools – we actually did do two prototypes in Drupal by 2005. We were early to market and those folks were not ready for what we were offering (I may turn my attention back to serving this community in 2007).

There was no other user-centric identity anything except for the i-names guys and Identity Commons who were working closely together. I got along with everyone and enjoyed their spirit and energy. So I joined - I started working for Owen Davis evangelizing for the ‘first’ Identity Commons. I will admit looking back I was perhaps ‘overly’ enthusiastic and a bit naive about where the technology was. I was having a conversation with a friend in the community saying…”you know thinking about it if I had known what I know now I am not sure I would have done that job”. His response was well “that is why the young kids get things done – they don’t know better.” I think he is right on this. I also must say I have no regrets about the path I have taken the last three years. Indeed I think I have found myself and a place in the world that I really make a difference.

The user-centric identity community has really grown and flourished in the past 2 years. Thanks to the energy and support of Doc, Phil Windley, Phil Becker, Eric Norlin, Kim Cameron, Brett McDowell and many others. It has been exciting to watch it evolve.

Johannes has been particularly instrumental in bringing the ‘web based identifier’ user-centric crowd to convergence. Like all technical communities people come at things from different angles. He is a deep sceptic about anything new. He has been patient and listened to Drummond and the other XRI guys and has come to see some real value in what they are putting forward here are two posts one on XRI resolution and the other on XDI. Phil Windly also a thoughtful voice in the space has written about how he has come to understand their offering. This is a post about attending Andy Dale’s XDI workshop. His post about i-names at IIW starts out “Over the last few years, I’ve been impressed by a new Internet naming convention called XRI, or eXtensible Resource Identifiers”.

The convergence of LID, OpenID and XRI/inames into one thing called Yadis – to reduce end user confusion is a really great thing (of course Sxip joined the party later and this too reduced confusion even more and is also a good thing). I think the choice to not continue with the ‘Yadis brand’ and go back under the OpenID brand is a good thing…it is a much nicer brand. It also means that the people coming to this need to get that OpenID now includes these other ‘threads’ in the ‘web based identifier’ way of doing things for end-users. I think this diversity is good. If you don’t want to use i-names don’t but let the diversity flourish.

On a more practical level why do I like i-names?

I think i-names are easier to get for the marginally internet literate:
It may be news to folks but there are some internet users who don’t know how to scroll. There are not a whole lot of super literate users – we hang out with a lot of them in silicon valley but normal people….they are not like us. I think there are a bunch of bloggers who are going to ‘get’ that the URL they have for their blog is something they can use to login to other blogs to comment etc. That is cool. I think it is going to be the majority of OpenID users in the next year. I also really think that it is going to be a lot easier for regular folks to ‘get’ i-names.

Domain names system usabilty sucks:
I think that the domain name system and the tools for normal people to work in it are atrocious. I can hardly get things to work right and I am reasonably tech literate. I don’t know how to do domain mapping so that identitywoman.net is the URL that you see when you look at the top of my blog – rather then the http://www.kaliyasblogs.net that you see cause I can only figure out how to forward it. I can’t figure out for the life of my how to transfer domains from one registrar to another or merge the 4 accounts I have on one registrar into one. IT IS TOTALLY NOT USER FRIENDLY. Maybe by some miracle the UI and architecture can be changed – you know I am not betting on it.

i-names are less confusing then URL’s:
So lets go back to the community that I got started with trying to serve. They are very social people they come together at groovy conferences and go on retreats at spiritual places. They are web mail and Yahoo group users. They need systems and tools that are truly empowering and meet them where they are at with web-literacy. I think i-names have a better chance of doing this then URL’s. For starters they will have to ‘get a URL’ then use it a bunch of different places – each of those places will have URL’s for their profile in that system. People have multiple URL’s and clearly not all of them are OpenID enabled. I would rather just give them all community i-names then they clearly understand this new ‘thing’ (it is not a URL and not an e-mail address) is what they use to login different places and manage identity services from (like profile management when that happens).

I can upgrade and not loose my name:
I like the fact that I could start out with a community name like @integrativeactivism*morningglory and use that on several sites around the web and then….decide you know i want a top level name just for me … so I go and get =morningglory and all the logins that I have under that other community name don’t break. The i-number under @integrativeactivism*monrningglory is mine and can be resolved to =morningglory.

Group membership and micro-app ecology:
I also like i-names because from my understanding there is a way to assert group membership by the issuance of an identifier that one has control over. This gives you the potential weave together networks of applications for different communities that you are in. For example the solstice planning group could all have i-names @integrativeactivism*solsticeplanning*morningglory Then the wiki they went to to organize could be not on the same platform but work non-the-less for the people in that group. I really want to see an ecology of mico-apps that can be woven together and manage access control in ways that work for “simple people.”

Simple workable tools for personal link management:
The example from Phil’s blog explains a lot about how it is simple and I think it will work for the spiritual woman over 45 who are part of those communities that I care that these systems work for.

Lately I’ve started to feel like i-names and XRIs are coming into their own. Not long ago, for example, my i-name registry, 2idi, started offering XRI forwarding services. That means that I can create XRIs from my i-name that resolve to other things on the Net. For example:

http://xri.net/=windley/(+index) forwards to my “index” page on the Web.
http://xri.net/=windley/(+contact) is my contact page
http://xri.net/=windley/(+blog) resolves to my blog
http://xri.net/=windley/(+call) points to me on Skype (i.e. Firefox will launch a call to me through Skype if you click on this.)
http://xri.net/=windley/(+feed) forwards to my RSS feed
http://xri.net/=windley/(+photos) points to my online photo collection

What’s the point? Easy: I own =windley, my i-name, for the next 50 years and I control the resolution. If my blog URL or my Skype handle changes, I can change how those XRIs resolve and you can still find me and all the service related to me. Plus, the XRIs above are (mostly) based on a standard semantics, so if I know your i-name, I can easily find your blog.

XRIs are more complicated than URLs, but I remember everyone screwing up their face when URLs were new too and somehow we got used to them. XRIs make up for their additional complexity in semantic mappings and flexibility.

I must also chime in and say that I agree with Marc Canter

I’m also getting tired of waiting for ‘attribute sharing’ working.

I hope we can get this next layer of tools working relatively quickly now that we have the authentication layer stuff figured out. I am hopeful that the open standards for Datasharing that are getting traction now in the nonprofit community. I spent most of the last two weeks working organizing and writing up note cards of quotes from the vast repository of papers I have on the Open Social Network. I have an outline of a paper that I hope to have a working draft released in the next few months. As for my ‘enthusiasm’ I really want this vision to materialize and I am more committed then ever to reality based thinking and action so it can happen.

Profile Linker – is the time right for open standards…?

Tech Crunch has a review of Profile Linker.

They have one partnership sealed already, with Photobucket, and hope to do more. But for sites where they are unable to get a partnership they’ll have to gather information using the user’s credentials. There’s a risk that networks will simply cut them off.
They have portable profiles:
Portable Profiles allow you to take your content with you anywhere on the web. Mobilize your bio, share your photos.

Best of all, you only need to make updates in ONE place and all your portable profiles will be automatically updated all over the web.

one way they do this is...Don’t feel like entering ALL your profile content again?Well we can do all the work for you. Just tell us your Facebook login or MySpace URL and we’ll get your photo and more . .

All this proves the time is really right for open standards to do this.

i-names work in OpenID logins too

It should be noted to all of you coming from O’Reilly’s radar. That OpenID (the latest version) does accept i-names and identityprovider URL’s (this is the Sxip way of identity provision).

One of the reasons that i-names are cool is that they have persistence in a way that URLs have some challenges with in the long run. The names can be transfered to a new person but the i-number underneath is not. If you have domain name you are using as your identifier and you don’t renew it. The new owner of the URL can use it to sign-in to places you have had accounts.

i-names also have a nicer syntax and hopefully work for the internet users who may never get they can use URL’s to login.

I did it! SSO is really here and some cool identity links

I of all people should have done this before but I was waiting for OpenID 2.0 to be out there and working so I could use my i-name. I went to Ma.gnolia today and it just worked. They have a great way to integrate an OpenID with an existing account. I hope that I can pull over my delicious bookmarks. I joined the Identity 2.0 bookmark group.

I found some interesting sites

Wikidentity is a Flash client that shows you any hCards in a page you are browsing, and allows you to search for hCards that other users have helped index. You can also export hCards that you’ve discovered to use in a variety of applications, such as Address Book.

hCards are nice but I am not about to post mine on the web for anyone to scrape.

Unit Structures latest recommendation to Social Network Designers:

In the past, I’ve done a good deal of writing explaining how to design better and more relevant SNS. Today I offer designers of social network sites my single most valuable piece of advice: Adopt OpenID.

The walled gardens will stay with us, but walled gardens in social network sites need to be a thing of the past. Imagine the pitch – you can add friends from any OpenID network to your SNS. This has huge, democratic possibilities. This feels natural for SNS – walled gardens don’t. If you’d like to find out more about OpenID, you can refer to this primer I wrote about it on the ClaimID blog, or you can email me and I can help put you in touch with folks who will be able to help you. Once you grasp OpenID, and see how naturally it works with SNS, you’ll see what a valuable direction it is to take your product.

OpenID is coming – the tipping point grows closer each day. This is a tremendous opportunity – and I do hope you’ll consider it seriously. This is the way of the future.

The thing I don’t like so far is that it doesn’t make recommendations the way Delicious does. Maybe this is a forthcoming feature.

I found this article by David Kerns on reputation and trust that points to Clippinger’s blog. He has not posted since 2005. According to the social physics site he has a book coming out next year. Interesting. I wonder if Doc can convince him that blogging ideas and parts of the book and sharing with them the community might be a good idea. It seems that if markets are conversations books certainly are. As Kim learned with the Laws of Identity getting community input was a good idea for everyone.

The importance of Annonymity being baked into our systems is highlighted by Ben Laurie:

Firstly, when I say anonymity should be the substrate I am not just talking about the behaviour of identity management systems, I also mean that the network itself must support anonymity. For example, currently, wherever you go you reveal your IP address. Any information you give away can be correlated via that address. People sometimes argue that this isn’t true where you have a dynamic address, but in practice that isn’t the case: most dynamic addresses change rarely, if ever – certainly they tend not to change unless you go offline, and the rise of always-on broadband makes this increasingly unusual. Even if the address does change occasionally, you only need to reveal enough information in the two sessions to link them together and then you are back to being correlated again.

Secondly, people seem to think that privacy is an adeqaute substitute for anonymity. I don’t believe this: privacy is all about voluntarily not linking stuff you could link. Anonymity is about making such linking impossible. Microsoft’s Cardspace claims to provide anonymity where, in fact, it is providing privacy. Stefan Brands comes close with his selective disclosure certificates, but they are still linkable, sadly. These systems only provide privacy if people agree to not make the links they could make. Anonymity provides privacy regardless of people’s attempts to undermine it. That’s why you need to have anonymity as your bottom layer, on which you build whatever level of privacy you can sustain; remember that until physical onion routing becomes commonplace you give the game away as soon as you order physical goods online, and there are many other ways to make yourself linkable.

I do sense that this is not being thought about enough. I hope that Stefan can participate more actively in the community so that we will address it more fully.

I found this post by Bokardo a social web designer. He has a post on Domain as Identity and the services behind it. I totally agree and I can’t wait for him and others to discover the cool things they can do with XRI and XRDS. The TOTH (Thrill of the Hack) experimentation has just begun :)

I would encourage you guys to join Ma.gnonlia – for two reasons one it is OpenID2 enabled AND it has cool group bookmark sharing features.

Scott Says: Data is the New Software

I like the sound of that could it be Data 2.0?

Scott Keveton has a great post on why the big guys should adopt OpenID and hopefully Open Standards for Data too. He has three more reasons besides these two great ones:

Data is the new software: People may laugh at me on this, but its not the software. Software is effectively free now. Content management systems, wikis, blogs and even operating systems are commodities now. Its what you do with the software that is interesting. Its the sets of data that you can create and correlate together that are really, really interesting. Just look at Google. They arguably use more open source (aka free software) than anybody around. Its how they hook that software together and correlate the data from their users that’s the interesting stuff. Now, when you have lots of data, identifying who did what becomes the key. We haven’t had a thin layer of identity to do this in the past. OpenID gives us that layer of identity and more importantly a way for users and sites to correlate and better represent data that the users are creating.

Data + Identity == GoodStuff: As per my last item, data coupled to identity is really interesting. What’s even more interesting than that are the things you can do with identity and data coupled together. Now that I am this one identity for all of the places that I’m going on the Internet, I can really start to provide some services for that OpenID that I couldn’t before. Attributes, reputation, trust and social networking are some of the interesting areas to look at when it comes to OpenID in 2007

UX and OpenID the hickups are beginning

The weather that Tom brings us on OpenID is mixed but good in the long run. He says that community is what counts :)

Here’s what I learned enabling the sites with OpenID:The Good: OpenID registration is a beautiful thing. The legacy registration page on Stuffopolis can be scrapped. Once that happens, validating email addresses, requiring passwords and lost password security questions for new members will be forever outsourced to the OpenID providers (those that your website trusts).

The Bad: When introducing OpenID, it is a breeze for new members coming to the site, but it can be a little confusing for existing members who registered with the legacy credentials. When those existing members find out about the OpenID option, instead of logging in with the legacy credentials to add the OpenID to their account, they often log in with their new OpenID instead. This log-in will attempt to create a new account by fetching simple registration data from their identity provider. If their email address (sent by their identity provider) matches the one already registered with their legacy account, they can be given some instructions, but sometimes it doesn’t match and now we have a problem because if they go back and log in with the legacy credentials, they can’t associate their new OpenID to it because another account (the one they accidentally created) now has that OpenID.

Update 12/17: What I need to do is when a member goes to his profile page and attempts to modify his OpenID, after a successful OpenID authentication, if the site detects that there is another account with the same OpenID, then the site will ask the member to confirm that he wants the other account deleted, making sure there is only one account with that OpenID.

The Ugly: Now that some popular open source packages (wordpress, mediawiki, phpBB) support OpenID, the software should honor each other’s OpenID sessions so that someone who logs into mediawiki with his OpenID doesn’t get presented with an OpenID login form when he visits phpBB, for instance. Although this isn’t a huge problem, it is a little ugly and it seems it will require a standard way of registering OpenID apps on a system so that an OpenID session state change in one app will inform the others.

In a nutshell: OpenID is still immature, but it has an extraordinarily committed community behind it and when it comes to software, that’s what counts.

What is a Barrier to Entry – OpenID

This comment was posted by Vivek Puri at the bottom of Ramana’s post (quoted above).

OpenID is great idea, but adds another layer of complexity for early adopters. This might not go down well with the startups who can end up loosing important initial users. Also bigger companies like Google will offer Single Sign-on only for their own apps which becomes another point of disconnect. In my case I use Writely for document editing, Editgrid for spreadsheet, and del.icio.us for bookmarks which is a pain to manage.

As for offline usage, that is a very much required feature. Especially Writely should be able to implement that part easily since they have already cracked the algorithm for multi-user data edit and sync. Groove networks does offer that feature but is not for individual.

I guess there is some miscommunication in what OpenID is and how it actually lowers the barrier to entry to try new Office 2.0 applications.

This is how I see it.
I have my blog URL that is openID enabled or I have an i-name. I now can go to any one of the new groovy Office 2.0 applications and instead of getting yet another login and password. I just use my OpenID. I don’t have to put it into that spreadsheet of all my names and passwords or just use the same one I use everywhere that is totally insecure. Instead I bring my identity to the site. I save time. If I am an early adopter type I will likely get an OpenID relatively quickly and it will be a handy fast way for me to try these things out. Of course Office 2.0 applications should not force people to have OpenID’s those who want yet another user name and password can have one.

I know personally I avoide signing up for anything new that requires yet another login. I would be more inclined to tryout an Office 2.0 application that has OpenID as a login option.

I think all these office 2.0 copmanies can collectively compete with the big silo’s by offering SSO amongst themselves.

OpenID on the ‘edge of greatness”

Here are some of the great quotes about OpenID this week –

Tom in Austin says:
I’m a big fan of OpenID and I think it’s on the edge of greatness.

Norman Walsh:
Next time you build a web application that needs a login, consider OpenID.

btbytes:
Perhaps in future, sign-up fatigue will keep people away from signing up to new services. Providing OpenID option is very welcome.

Amblin:
You can now sign in with an OpenID when you leave comments on the blog. Why did I added this? To do my little part to try and break some of the ID silos.

Identity Open Space – Sept 11, Santa Clara

So we have had a fabulous series of open space events since May’s Internet Identity Workshop . The Identity Mashup at Berkman 3rd Day Open Space Post Liberty Alliance Identity Open Space specifically but also as major themes at Mashup Camp that had 5 sessions on identity and at OSCON and OSCamp.

I think one the reason things have been developing rapidly is because of the open opportunities to address critical issues and reflect as a community on next steps. So there is another one coming up before the next Internet Identity Workshop in December.

The Monday of Digital Identity World’s start we are hosting an Identity Open Space at the Santa Clara Convention Center. It will begin at 9am with agenda creation with sessions starting at 9:30 going until 3 when DIDW officially starts.

The cost is $25 just to cover lunch – so we can eat on site. Please sign up here… and add your name to the wiki and post suggested topics you bring to the conversation.

You also get a discount on attending Digital Identity World if you come to the Identity Open Space.
I know it is a bit of a challenge to travel on Sunday but I hope those of you from out of town will choose to do that. Hopefully we can get lost of folks working on new web tools who might be able to actually use – user-centric identity. Besides who wants to get on a plane on September 11th.

Technorati Tags:

August 10 is for everyone

Apparently some how the announcement was not clear.

The OpenID Informational Evening is for Developers…of all stripes, open source, free software, “source available”, and closed source.

August 10th, 6-9, 2029 University Avenue (upstairs) Berkeley, CA. Please RSVP to me – kaliya [at] mac (dot) com.

The $5000 per project bounty that was announced at OSCON is for getting OpenID into core distributions of OSI approved licensed open source projects.

Idnetity at OSCON

For those of you joining identity folks – me, Doc Searls, David Recordon, Dick Hardt, Drummond Reed, Scott Kveton, Larry Drebes Dave Kearns, Scott Mace here at OSCON there will be a few opportunities to learn more about what we all have been up to.

1) At OSCAMP tomorrow the OpenID convergence folks plan on runing a session in the afternoon tomorrow approximately 1:30 – 3:00.

2) David Recordon has a session on Practical OpenID in OSCON proper on friday 10:45 – 11:30.

I am going to propose that we have a sheet at OSCAMP that says ask the identity folks a question so you can ‘ping us’ in meet space – while at OSCON. We can have more sessions during OSCamp on what you want to know about. I will list them here as I know about them.

Reality: this [OpenID] is big

Getting in the game on OpenID standards: A conversation with Kaliya Hamlin, Identity Woman was published today on Net Squared. Marshall interviewed me via e-mail and then wrote up this story. He does a great job of explaining how identity brokers work and how people can use identifiers within contexts.

The social web, Web 2.0 or whatever you want to call it, is supposed to be all about web services, interactivity and data portability. In this context, Open ID standards will be increasingly important.

Reality: this is big

I thought that big vendors considered it in their best interests to lock us in to their systems with non-open Identities. Kaliya says that’s no longer the case. “They are all getting that identity is a ‘commons’ that no one can own,” she says. “They are seeing the end of usefulness in approaching the world through silos. The whole corporate tech world is a big exercise in sticking things together…standards really make this less expensive.”

I-Tags at Net2

I am at the Net2 session on Tagging.Here is how I described the value itags to Beth Kanter.

I have been working with Mary Hodder, Drummond Reed and Andy Dale on itags. It is an open adhoc standard we are proposing for alowing people to use their identity while they tag. This could be a URL they ‘own’ (OpenID) an i-name (XRI) they have or another UUID.

Creators of content could use this to assert CC licenses and provide a long term persistent way to have attribution. People can assert tags across silos – multiple blogs that one posts on and multiple media tagging sites that one tags on.

Technorati Tags: , , , , , ,

Congress Targets Social Network sites – to be blocked from Schools and Libraries

WOW this is really intense.
The freedom to meet and organize is FUNDAMENTAL to what it means to be a citizen in this country.

This was in slashdot headlines and is quite shocking.

MySpace and other social-networking sites like LiveJournal.com and Facebook are the potential targets for a proposed federal law that would effectively require most schools and libraries to render those Web sites inaccessible to minors, an age group that includes some of the category’s most ardent users.

High Impact
What’s new:

A proposed federal law would effectively require schools and libraries to render social networking sites inaccessible to minors.
Bottom line:

Law would likely affect more than just social networking sites. Blogger.com, AOL and Yahoo’s instant messaging features might be included in proposal’s definition.
advertisement
“When children leave the home and go to school or the public library and have access to social-networking sites, we have reason to be concerned,” Rep. Michael Fitzpatrick, a Pennsylvania Republican, told CNET News.com in an interview.

Fitzpatrick and fellow Republicans, including House Speaker Dennis Hastert, on Wednesday endorsed new legislation that would cordon off access to commercial Web sites that let users create public “Web pages or profiles” and also offer a discussion board, chat room, or e-mail service.

That’s a broad category that covers far more than social-networking sites such as Friendster and Google’s Orkut.com. It would also sweep in a wide range of interactive Web sites and services, including Blogger.com, AOL and Yahoo’s instant-messaging features, and Microsoft’s Xbox 360, which permits in-game chat.

Fitzpatrick’s bill, called the Deleting Online Predators Act, or DOPA, is part of a new, poll-driven effort by Republicans to address topics that they view as important to suburban voters. Republican pollster John McLaughlin polled 22 suburban districts and presented his research at a retreat earlier this year. Rep. Mark Kirk, an Illinois Republican, is co-sponsoring the measure.

The group, which is calling itself the “Suburban Caucus,” convened a press conference on Wednesday to announce new legislation it hopes will rally conservative supporters–and prevent the Democrats from retaking the House of Representatives during the November mid-term election.

Reflections on IIW

Facilitating the Internet Identity Workshop was a wonderful experience. I got to bring help the order emerge out of the chaos by leading Open Space. Many felt that it was

About two weeks ago I started making a map of the history of the community. This was in part because I knew a lot of new people were coming to the workshop and I wanted to be sure they had some context of who we were and where we had come from. I translated this into an interactive wall map that allowed people to ad their own elements to the history.

On the timeline:

• Yellow diamonds are protocols
• Pink Trapazoids events that have happened on a timeline
• Purple papers are Publications white papers
• Purple 1/2 circles are podcasts.

Clusters (ot on the timeline):

  • Green Parallelograms are mailing lists
  • Blue pages are blogs

There are some good photos of this but I will be taking the results and putting them into Omnigraffle and then PDF too.

Tuesday Morning we got to put together the agenda. It involves everyone who wants to present putting what they want to have a session about on a piece of paper. They speak their session title to the whole room and then post it on the wall.

It wasn’t until about mid day on Tuesday that I actually landed and was able to engage in the conference. The Planetwork folks talked a lot talking about the emerging 1society project.

Dinner both evenings was great. Monday was Italian and Tuesday was Thai.

The Identity Commons crowd moved things forward we have a follow up call next week.

At the very end watching and listening to Paul and Drummond go over the relationship between Higgins two projects and XRI / XDI was a great treat.

We concluded our day listening to Eugene Rant about Wikis at Wiki Wednesday. After dinner Meng told us he had founded the Reputation Gang and we invited him to be a part of the Identity Commons.

The highlight to get the essence of what happened is the closing session recorded. Here Tuesday and Wednesday.

Some high complements were given to the conference.

From Kim Cameron:

With Doc Searls and Phil Windely navigating at the macro-level, the amazing Identity Woman Kaliya orchestrated an ”unconference” that was one of the most effective events I’ve ever attended. It’s clear that creating synergy out of chaos is an art that these three have mastered, and participants floated in and out of sessions that self-organized around an ongoing three-day hallway conversation – the hallway actually being the main conference room and event! So we got to engage in all kinds of one-on-one (and few) conversations, meet new people, work out concerns and above all work on convergence. Many people told me they felt history was being made, and I did too.

Opinity’s Tom Madox reflected on the conference today.

Now, before someone reprimands me for implying that there were corporate or technical bigshots in attendance, let me clarify that one. There were, in fact, luminaries of various sorts participating: A-list bloggers, well-known corporate folks, technical experts working at the forefront of innovation in the field of identity mangement … people like that. However, and this is the point: they were not on stage, performing. They were at the tables and in the rooms, talking, listening, asking and answering questions. In terms of social interaction, the conference hierarchy was flat.

Phil Becker wrote in the DIDW newsletter:

This week I saw a significant “state change” occur in this year and a half “Identity Gang” evolution, and it tells me things are going to start to happen. Some of those involved will be happy this is so, others most likely won’t be. But for those not directly involved (i.e. most of the population) it was, in my opinion, a tremendously significant moment in the evolution of the identity conversation, and one that will have many significant ramifications going forward – though these will likely take another year to become clear to those not paying close attention.

They are working on the issues of what form identity must take
to become ubiquitously deployable, become something that will be adopted
comfortably by users, and how we can ever get there from here.

The first sign that the required significant shifts are occurring is
visible in the titles of the sessions this un-conference produced on
its first day. These titles have all subtly shifted in ways that
indicate there is no longer any question that there is a single,
over-arching story behind the identity conversation, and that the
mission now is to figure out how to converge the many efforts that
are underway. These efforts were each begun with a very different
mission and with a very different use/case and problem set driving
them, and this has previously created division and competition. This
time, however, it was clear that everyone was looking for where they
should get on board, and how to avoid having their goals left out.

Technorati Tags: , , , , , , ,

Where is the Valley’s political power?

I have been wondering about this for a while. Where is the companies in the Valley’s political might? and where is the political organizing amongst the people who work in this industry? In Europe the geeks organized to get the European parliament to ban software patents. It seems like it should be easy enough to organize to save the internet. I am going to do my part and organize Planetwork’s activities around One Web Day.

This was articulated by Marc Evans on his blog:

The Net Neutrality campaign (a.k.a. Save the Internet) to keep the Internet tollgate-free and/or tier-free continues to gain momentum. What’s troubling, however, is Om Malik’s contention that many start-ups and Silicon Valley companies and fairly of the issue and why it matters. One of the Silicon Valley’s weaknesses is a lack of political savviness. Sure, many companies and executives donate money to politicians and political parties but there does not seem to be a well-organized and effective lobbying team that can be turned on in Washington when needed. Peter Chester suggests a reason for the lack of activity among the bigger players such as Yahoo, Google and Microsoft is they have relationship with carriers and cablecos that they don’t want to damage.