Good news, more to follow (I hope)
Powered by ScribeFire.
the weblog of Rob Yates
Good news, more to follow (I hope)
Powered by ScribeFire.
Eran Hammer-Lahav: Users should be able to use their email address as their OpenID, as most sites today use emails as usernames anyway. This will solve the first part of making the identifier simple. So instead of choosing ‘AOL as the identity provider and entering the screen name, or worse, typing ‘http://openid.aol.com/username’, the user will type ‘username@aol.com’.
This can’t happen soon enough and there’s a detailed promising proposal behind it. Further discussion here.
Powered by ScribeFire.
Facebook exists because a simple usable federated identity system doesn’t. Wired’s challenge to tear down the social networking silos seems easier to solve if we had such an identity system and I would think that the openid community would take up the reins and lead the charge.
I was therefore somewhat aghast when I saw the original mr. openid and the current mr. openid trying to solve the problem without actually building atop openid. Why? Have they abandoned their offspring? Or is Openid just not the right foundation and in need of a reboot?
The wired article points out that it’s pretty trivial to assemble facebook as long as you don’t mind the entire world seeing what you are doing, your "friends" can even receive event notifications via feedreaders, but then so can the rest of the world. Facebook’s real value, therefore, is an easy to use access control system, limiting who can view your photos, view your posts and get alerts. This access control system, dubbed the "social graph", is embodied as "friends" in facebook and "connections" in linkedin.
So why can’t openid enable this in a distributed fashion? Surely openid should be the basis of any distributed access control system. Why can’t I, who chooses to be hosted on facebook, befriend you on myspace. Why can’t I receive notifications of your recent actions? and why can’t you view my profile? and why can’t all this happen without the prying eyes of the rest of the world? These seem like the problems that openid should be helping solve. So why didn’t Brad and David choose to build atop it? instead making it’s use optional?
I have to admit to worrying a little about openid’s direction. It can’t get close to the challenge thrown down by Wired and instead of trying to address these very real problems in version 2.0 it has instead chosen to focus on incorporating an obscure naming scheme, which IMHO has introduced unnecessary complexity. So what could it do? Could the Wired challenge be solved with openid as the base? I believe the openid community could choose to solve these problems and FWIW, here’s my list of to do’s.
Am sure there’s more details e.g. how the "roster" of friends gets sent to the different services but that also sounds familiar. It just seems to me that Brad and David are applying a band aid with their proposal and I’d much prefer they go back to open heart surgery and fix this thing once and for all.
Openid reboot? hmmm, interesting, and if you read the entire thread, blush
p.s. I don’t buy Dave Winer’s economic roadblocks to distributed social networks. The same argument could be applied to AOL’s and Delphi’s email "walled gardens" prior to 1993.