[OpenID] For the nominees

Brian Kissel bkissel at janrain.com
Sun Dec 7 22:38:31 UTC 2008


Good questions Eddy, here are my thoughts:


1.      Improving Relying Party Adoption:

I agree with Nat Sakimura's recommendations about more direct outreach to prospective RPs.  Nat's efforts with OpenID Japan have yielded impressive results (http://openid.net/2008/11/03/openid-japan-launches-with-32-member-companies/) that we should emulate in the US and in other geographies.

I also think Snorri Giorgetti's actions and suggestions as summarized at http://wiki.openid2009.org/Main_Page are right on the mark.

The best way we can drive adoption and usage of OpenID is to respond to the stated needs of RPs and end users.  Working with Zac Bjelogrlic of the BBC, we formed a Content Provider Advisory Committee to get direct input from the likes of Time Inc., NY Times, Hearst, Meredith, NPR, Reed Business, AARP, National 4-H and other prospective RPs.  You can see a summary of that event at http://openid.net/2008/10/01/openid-content-provider-advisory-committee-kickoff-meeting.

In parallel, Johannes Ernst and I formed the Customer Research Committee to follow up with these media companies, affinity groups, and other prospective RPs.  We hired a market research firm to facilitate this process and reported the findings at IIW in Mt. View a few weeks ago: http://www.slideshare.net/bkkissel/openid-foundation-market-research-report-from-iiwb-2008-presentation While there is a long wish list from the RPs, some common themes have emerged (slide 6 of the presentation): usability, user profile data, business & legal frameworks, and the observation that other mainstream sites haven't started to adopt OpenID (the chicken and egg syndrome).  Slide 7 of the presentation outlines initiatives that are underway, but this is just the beginning of what we need to do.   Specifically w.r.t. usability Allen Tom (Yahoo), Eric Sachs (Google) and the folks at Facebook have been providing a lot of thought leadership that we should leverage and embrace.  I've summarized some of the feedback on UX design and solicited market feedback at http://blog.janrain.com/2008/10/openid-user-experience-ux-summit.html

Until we can either get a critical mass of large national branded websites (as Eric Sachs is advocating and driving) or real momentum among second tier websites (as JanRain has been championing with RPX), we're not going to reach an inflection point.  As we've all seen recently, Facebook has gained some visibility with Facebook Connect which does address issues around ease of use and user profile data as well as some baseline business frameworks.  We need to make it much easier and more compelling for RPs to deploy and leverage the benefits of OpenID, OAuth, Portable Contacts, etc.

But all these efforts are going to take additional time and resources, so the OpenID Foundation needs to step up its efforts in the areas that matter most to prospective RPs.  Therefore, we need to develop and execute on an operating plan, membership plan, financial plan, marketing communications plan, international plan, technology roadmap, etc.  I've outlined my thoughts on how to make these things happen on my candidate's statement on the OIDF election website.


2.      What should be done to have big providers like Google, Yahoo!, Microsoft rely on other operators?

It's not clear to me that there is anything that the OIDF can do to make the major OPs become broad based RPs.  It's great that Yahoo, Google, and AOL have become OPs and that MySpace and Microsoft have announced their intentions to become OPs.  That alone provides confidence to prospective RPs that there will be a critical mass of OpenID-enabled end-users in the market, which is a vital part of the equation.  In addition, AOL has already enabled 4 of its websites, including the recent rollout of OpenID on My MapQuest (way to go AOL!).  Microsoft is accepting OpenIDs on its HealthVault Beta and has been working hard to ensure interoperability of InfoCard with OpenID.  Google is accepting OpenID on Google Friend Connect.  So we are making some progress.  But, as others have said, these large organizations have complex business and legal considerations, so we need to respect that they are doing as much as they can to champion the cause, and over time we'll see even more progress from them.  The fact that we have Yahoo, Google, and Microsoft as sustaining members of the OIDF is a good thing.  The fact that Eric Sachs, Eran Hammer-Lahav, Allen Tom and even Luke Shepard of Facebook are running as individuals to further champion OpenID inside their respective organizations as well as in the market is a good sign.

But we can't wait for the major OPs to also become RPs. There are millions of websites out there that could and should be using OpenID - for their own benefit, and the benefit of their users/members/customers.  The OIDF and its member companies should be working day and night to bring the vision, message, and solutions to market that make it strategically and economically compelling for broad adoption of OpenID.  That's where we should be focusing our efforts instead of sitting around and asking when Yahoo or Google are going to start becoming major RPs.


3.      Do you think that a trust relationship framework should be created, similar to PKI auditing (or any other/similar idea) in order to allow relying parties easily trust on other operators? Or what would you suggest instead?

Absolutely.  Nat Sakimura and the team at NRI along with OpenID Japan have shown us what is possible with the deployment at Japan Airlines (JAL) allowing for the execution of commerce between business partners using OpenID with Trusted Data Exchange.  NRI, JanRain, Parity, and others are working on defining how we extend AX/TX/CX to address trust, non-repudiation, and the other enhancements required to make OpenID suitable for mainstream commerce applications.  We need to get more representatives from commerce websites as members of the OIDF and on the board (stay tuned!).  We need to do more market research to understand the needs of commerce and other application areas where trust and non-repudiation are baseline requirements.   As we've created a Content Provider Advisory Committee, we should create advisory committees for areas like commerce, healthcare, and other industries/application areas where trust is going to be a critical part of the value proposition.


4.      Do you think that instead of hiring an executive director, the load of the different tasks could be shifted to a small group of different persons instead (foundation management)? Would you view a such a scenario possible and perhaps more efficient?

We absolutely need a strong and focused Executive Director along with a minimal paid staff to make the kind of progress we need to make.  The volunteers who have gotten us this far have done an admirable job with very limited resources and should be thanked and congratulated for their contributions and achievements.  When the bulk of the work was creating a framework for intellectual property management, specifications, and technical development a more distributed and organic approach was appropriate.

As we expand the charter of the OIDF to drive adoption and usage of OpenID, we need dedicated people and programs to support our objectives.  As a benchmarking process, I've personally interviewed the executive directors and marketing staff of several foundations and SIGS.  They all experienced a very similar evolution to the one we are experienced right now.

If you look at the current organization of the Linux Foundation for example, there is a strong executive director who is an evangelist, program manager, and fund raiser.  All the specifications and technology are managed by working groups headed by volunteers.  They have done a great job at continuing to innovate and drive the technology in a free and open process.  On the other hand, the Linux Foundation ED and a small staff have developed and executed operating plans, financial plans, marketing plans, membership plans, etc. that drive adoption and usage of Linux, and provide the financial resources and operational infrastructure that enable the technical working groups to focus on the technology.  If we truly want to make OpenID the "core of the user-centric social ecosystem on the web," as Joseph Smarr describes it, then we need to step up to the plate and create a world class Foundation to provide the leadership and operational excellence to achieve it.


Cheers,

Brian
___________

Brian Kissel<http://www.linkedin.com/pub/0/10/254>
CEO, JanRain - OpenID-enable your websites, customers, partners, and employees
5331 SW Macadam Ave., Suite 375, Portland, OR 97239
Email: bkissel at janrain.com<mailto:bkissel at janrain.com>     Cell: 503.866.4424     Fax: 503.296.5502

Get your FREE OpenID at myOpenID.com<http://www.myopenid.com/>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-general/attachments/20081207/90e4aa71/attachment-0002.htm>


More information about the general mailing list