[OpenID] [OpenID board] wiki.openid.net is now set up
Peter Williams
pwilliams at rapattoni.com
Sat Dec 20 02:37:57 UTC 2008
Dick
I did a fair amount of testing of pbwiki, last year (trying to find a sp service business grade which I could give to our members to try out (and which would use the openid2 op service we paid trustbearer to offer for us)).
>From today's trials, Pbwiki still does not have the level of websso quality we'd require. I've no doubt its wiki service is excellent and business grade.
plaxo and pbwiki were the only 2 saas vendors I (then) considered mature enough to be given to our members. Plaxo was on the whole excellent in all respects except the fees were just out of the ballpark (for realtors): pbwiki failed the openid integration tests, as repeated today.
I know how hard this all is to do operationally, and maintain: we do it ourselves (with saml websso). What I want is someone to show me the uci model done right and at business grade (and affordable for realtors). Google apps is close to nirvana,but doesn't (yet) offer openid. Plaxo was excellent in openid integration, but don't seem to be able to hit the price points that realty typically pays.
If we could help pbwiki recognize and fix the protocol issues, I think they are pretty close to ready. Then, there is just the point of ensuring they support the same CAs as does the foundation (or any other customer of theirs): so 1) users are not "denied" at one foundation service, while "accepted" at another and 2) are denied at pbwiki for all cas where they were denied access (for reason of ca) at the voting site.
________________________________
From: Dick Hardt <dick.hardt at gmail.com>
Sent: Friday, December 19, 2008 4:52 PM
To: Peter Williams <pwilliams at rapattoni.com>
Cc: Chris Messina <chris.messina at gmail.com>; OpenID List <general at openid.net>
Subject: Re: [OpenID] [OpenID board] wiki.openid.net is now set up
Peter,
How about you test the service to see the issues, and if you think there important, it would be great to see if you can get the vendor to fix any issues that come up. If they are unable or unwilling, would you help us find a comparable service that does not have the issues you describe?
-- Dick
On 19-Dec-08, at 2:00 PM, Peter Williams wrote:
This sound like the highest common denominator conception in effect: Users who don’t choose the dominant OPs/IDPs/brands are just placing themselves in the 20%, and thus should really by have learned to “expect” performance/reliability issues. It’s the visa brand model (that won! over the store cards) So you the consumer do have a UCI “free choice” of OPs …as they ARE all equal. But, in reality, some OPs are more equal than others.
There is an alternative. As “customer,“ Foundation tells outsourcer (“PbWiki”) to use Debian trust model (i.e. CTL=Debian). It would tell it to do this for the Foundation’s pbwiki, but would not gell PBWiki to do it for the wiki its hosting for IBM, say). When the Foundation updates it own reliance policy on CAs, as the dominant SP, it requires PbWiki to apply the same CTP policy to the Foundation’s wiki (within 1h say).
I have no doubt PbWiki will do absolutely nothing for me, a user, if I use their “issues pages”. I am not a customer, and dont pay a dime. I thus have no voice, in any well run business. I’ll just get some faff answer.
BTW: Thanks to PbWiki for (a) hosting the new wiki (b) being a talking-horse. None of this discussion in any way is supposed to diminish their contribution to the Foundation. I extol their efforts and their willingness to let their offering be used in the public commentary. They sound, like phonefactor do with MyOpenID, like folks who know how to support standards efforts - and get sales lead generation in return. Good for them!
From: Chris Messina [mailto:chris.messina at gmail.com]
Sent: Friday, December 19, 2008 1:31 PM
To: Peter Williams
Cc: Dick Hardt; OpenID List
Subject: Re: [OpenID] [OpenID board] wiki.openid.net is now set up
On Fri, Dec 19, 2008 at 1:27 PM, Peter Williams <pwilliams at rapattoni.com<mailto:pwilliams at rapattoni.com>> wrote:
I'd be happy to make trials of some https OpenIDs against Foundation-related service providers, where one would naturally expect what works at 1 to work at the others.
Great.
Can we agree that the expectation stated above is reasonable (at least for those assertion "consumers" in the Foundation's very own private "affiliation group")?
Personally I have a hard time agreeing to this. I tend to desire serving the 80% use cases first, and once those are adequately addressed, then I look to see if I can make the experience more tolerable for the remaining 20%.
If the OpenID community collectively had infinite resources, then I might gladly agree, but that is not the case, therefore when it comes to setting priorities, I tend to think that warming a snail shell's worth of water with a magnifying glass won't get me any closer to raising the temperature of the ocean by a single degree.
Chris
> -----Original Message-----
> From: Dick Hardt [mailto:dick.hardt at gmail.com<mailto:dick.hardt at gmail.com>]
> Sent: Friday, December 19, 2008 11:46 AM
> To: Peter Williams
> Cc: OpenID List
> Subject: Re: [OpenID] [OpenID board] wiki.openid.net<http://wiki.openid.net> is now set up
>
> Hey Peter
>
> Good suggestions!
>
> Would you be interested in helping check if things work as you would
> expect, and if, would you be willing to help make things work as
> expected?
>
> -- Dick
>
> On 19-Dec-08, at 11:34 AM, Peter Williams wrote:
>
> >
> > Can we login with https OpenIDs?
> >
> > Can the operator ensure that Foundation operational policy's on CAs
> > is enacted by its pbwiki outsourcer (at least for the Foundation's
> > particular wiki)?
> >
> > It will be silly if I can SSO with an https openid to the election,
> > but I cannot SSO with the same https openid to the pbwiki. Would
> > make the universality of the SSO concept look broken, for a consumer.
> >
> > I'm going to attempt join my client's (CAcert-endorsed) https Openid
> > membership account, for voting purposes.
> >
> > (Though Eddy might protest that the Foundation is not served by
> > agreeing to that business partners legal terms) As a user, I'd want
> > the CA-cert endorsed https OpeniD viable for the membership.voting
> > site to also work on the Foundation's wiki.
> >
> > Surely the Foundation's various services would all accept the same
> > (https) openid (even when outsourced to some or other SAAS, this
> > week)?
> >
> >
> >
> >
> > I'd what the same grade of discovery authentication endorsement
> >> -----Original Message-----
> >> From: general-bounces at openid.net<mailto:general-bounces at openid.net> [mailto:general-<mailto:general->
> >> bounces at openid.net<mailto:bounces at openid.net>] On
> >> Behalf Of Scott Kveton
> >> Sent: Friday, December 19, 2008 10:59 AM
> >> To: board at openid.net<mailto:board at openid.net>
> >> Cc: OpenID List
> >> Subject: Re: [OpenID] [OpenID board] wiki.openid.net<http://wiki.openid.net> is now set up
> >>
> >> Great work on this Chris ... thanks for taking the charge on this.
> >>
> >> - Scott
> >>
> >>
> >>
> >>
> >> On Fri, Dec 19, 2008 at 10:36 AM, Chris Messina
> >> <chris.messina at gmail.com<mailto:chris.messina at gmail.com>> wrote:
> >>> As you've probably seen, we've been making efforts to move the
> >>> MediaWiki-based OpenID wiki to PBWiki.
> >>> The transition is complete and the new wiki is available
> >>> at http://wiki.openid.net (same as the old address).
> >>> Not all pages from the previous wiki have been ported, but the plan
> >> is to
> >>> mothball that content at old-wiki.openid.net<http://old-wiki.openid.net>. The primary reason
> for
> >> not
> >>> moving all the old pages over is that much of the content is out of
> >> date,
> >>> inaccurate or no longer useful.
> >>> In order to edit the wiki, you will need to sign in. Fortunately
> >>> this
> >> wiki,
> >>> unlike the old wiki, permits OpenID authentication:
> >>> https://my.pbwiki.com/openid
> >>> If you have any questions, let me know or post them here.
> >>> If you have general comments about PBWiki, you can visit their
> >> support
> >>> forum:
> >>> http://getsatisfaction.com/pbwiki/topics
> >>> Thanks,
> >>> Chris
> >>>
> >>> --
> >>> Chris Messina
> >>> Citizen-Participant &
> >>> Open Technology Advocate-at-Large
> >>>
> >>> Vote in the OpenID Board Election!
> >>> http://tr.im/vote_oidf
> >>>
> >>> factoryjoe.com<http://factoryjoe.com> # diso-project.org<http://diso-project.org>
> >>> citizenagency.com<http://citizenagency.com> # vidoop.com<http://vidoop.com>
> >>> This email is: [X] bloggable [ ] ask first [ ] private
> >>>
> >>> _______________________________________________
> >>> board mailing list
> >>> board at openid.net<mailto:board at openid.net>
> >>> http://openid.net/mailman/listinfo/board
> >>>
> >>>
> >> _______________________________________________
> >> general mailing list
> >> general at openid.net<mailto:general at openid.net>
> >> http://openid.net/mailman/listinfo/general
> > _______________________________________________
> > general mailing list
> > general at openid.net<mailto:general at openid.net>
> > http://openid.net/mailman/listinfo/general
_______________________________________________
general mailing list
general at openid.net<mailto:general at openid.net>
http://openid.net/mailman/listinfo/general
--
Chris Messina
Citizen-Participant &
Open Technology Advocate-at-Large
Vote in the OpenID Board Election!
http://tr.im/vote_oidf
factoryjoe.com<http://factoryjoe.com> # diso-project.org<http://diso-project.org>
citizenagency.com<http://citizenagency.com> # vidoop.com<http://vidoop.com>
This email is: [ ] bloggable [X] ask first [ ] private
More information about the general
mailing list