What is Toluu?
Toluu is a free service for sharing the feeds you read and discovering new ones.		 Get Invite

FactoryCity

This can all be made better. Ready? Begin.


Perception and reality in the land of OpenIDJanuary 4

OpenID LogoA couple related posts caught my attention recently about OpenID. As I’m now a board member of the OpenID Foundation, I feel some responsibility for helping to inform folks about OpenID: what it is, how it’s used, why I believe that it has so much potential — and at same time, address what it isn’t, won’t or can’t be, and what the scope of the OpenID solution stack is.

The first is a post by Nick O’Neill from the Social Times blog: “OpenID Organizes the Organizers While Facebook and Google Start Letting Users Login“. It was posted on December 29th.

He begins his criticism with a slight error:

Over the weekend the OpenID Foundation announced that they are having its first election of community board members.

In fact, over that particular weekend, the OIDF announced the results of its election, not the kick off.

But his broader sentiment deserves a response:

Twitter and the Password Anti-PatternJanuary 2

Twitter / Alex Payne: @factoryjoe Yes, OAuth is ...

I’ve written about the password anti-pattern before, and have, with regards to Twitter, advocated for the adoption of some form of delegated authentication solution for some while.

It’s not as if Twitter or lead developer Alex Payne aren’t aware of the need for such a solution (in fact, it’s not only been publicly recognized (and is Issue #2 in their API issue queue), but the solution will be available as p

The results of the OpenID Board election are in!December 27 2008

I'm kind of a big dealI received an SMS from Michael Richardson this morning (around 8am here in Hawaii) congratulating me on my election to the board of the OpenID Foundation. It seems fitting that I should receive first word from him, since, as the Karl Rove of my campaign, he came up with the “kind of a big deal” slogan from Anchorman.

Anyway, I’m thrilled about the outcome of the election and am looking forward to working with Snorri Giorgetti, Nat Sakimura, David Recordon, (each of whom received two year terms along with me) and Eric Sachs, Scott Kveton, and Brian Kissel (who received one year terms).

I’m also pleased that 80% of the 217 foundation members voted in the

Responding to criticisms about OpenID: convenience, security and personal agencyDecember 27 2008

Twitter / Chris Drackett: @factoryjoe openID should be dead... its over-rated.

Chris Dracket responded to one of my tweets the other day, saying that “OpenID should be dead… it’s way over-rated”. I’ve of course heard plenty of criticisms of OpenID, but hadn’t really heard that it was “overrated” (which implies that people have a higher opinion of OpenID than it merits).

Intrigued, I replied, asking him to elaborate, which he did via email:

I don’t know if overrated is the right word.. but I just don’t see OpenID ever catching on.. I think the main reason is that its too complex / scary of an idea for the normal user to understand and accept.

In my opinion the only way to make OpenID seem safe (for people who are worried about privacy online) is if the user has full control over the OpenID provider. While this is possible for people like you and me, my mom is never going to get to this point, and if she wants to use OpenID she is going to have to trust her sensitive data to AOL, MS, Google, etc. I think that p

Where we’re going with Activity StreamsDecember 20 2008

The a href=”http://diso-project.org”DiSo Project/a is a href=”http://willnorris.com/2008/12/diso-one-year-later”just over/a a a href=”http://factoryjoe.com/blog/2007/12/06/oauth-10-openid-20-and-up-next-diso/”year old/a. It’s remained a somewhat amorphous blob of related ideas, concepts and aspirations in my brain, but has resulted in some notable progress, even if such progress appears dubious on the surface.

For example, a href=”http://oauth.net”OAuth/a is a core aspect of DiSo because it enables site-to-site permissioning and safer data access. It’s not embecause of/em the DiSo Project that OAuth exists, but my involvement in the protocol certainly stems from the goals that I have with DiSo. Similarly, Portable Contacts emerged (among other things) as a response to Microsoft’s “a href=”http://twitter.com/kevinmarks/statuses/1068364292″beautiful fucking snowflake/a” a href=”http://dev.live.com/contacts/”contacts API/a, but it will be a core component of our efforts to distribute and decentralize social networking. And meanwhile, a href=”http://openid.net”OpenID/a has had momentum and a following all its own, and yet it emtoo/em fits into the DiSo model in my head, as a cornerstone technology on which much of the rest relies.

a href=”http://www.flickr.com/photos/factoryjoe/3122318414/” title=”Subscribing to a person by factoryjoe, on Flickr”img src=”http://farm4.static.flickr.com/3120/3122318414_1cd49deeb5.jpg