[OpenID] A lesson from history for Facebook

Peter Williams pwilliams at rapattoni.com
Thu Apr 16 18:38:32 UTC 2009

A little trivia and opinion.

When Netscape took off, VeriSign (or "Digital Certificates International" - as it was known at the time) was still issuing certs for digisign - an apple app that would sign apple's compound document file formats, using 512bit RSA and X.509 v1 cert. One enrolled for a TTP-cert by making an affidavit (bearing the public key hex, and one's legal name) to a notary public - who had to (and still must) perform identification and an act of "recodation" in the public journal. Then, as Apple and Taligent (apple+HP+IBM plot to compete with MSFT in the PC OS market) collapsed under too much scheduling theory and cultural infighting, the digisign team went on to form a company that then provided on the SSL toolkit used by probably 50 https vendors (before openssl killed that market). But in that brief window, crypto and assurance notions were spread widely, teacfhing folks how NOT to build crypto-based security systems (that were not simply _trivial_ to passively spy on).

The apple hardware and nvram chips had RSA too, for firmware/boot protection. If you knew how, you could alter the manufacturer's certs/keys, tho.

Yes - we could have done websso A LONG TIME AGO; X.500 in 1986 had what we now call assertions/claims/attributes and asserting/relyingparties! But no-one wanted to be open. Hub and spoke business models are very dominant in the US and Japan. If one makes a breakthrough in commoditizing open technology in one area, it usually gets closed down again into proprietary networks again in another. That is: a lot of marketing about open systems, but not a lot of actual __multi-vendor__ delivery (where the _user_ selects the hardware bits, the system bits..., the keys.., the everything...).

We will just have to wait see if openid is more like the Apple of yore, or more like the Microsoft off yore (now in the guise of Facebook, Google, Yahoo (and live). Etc.). I'm still hoping Microsoft will use its power to ensure what its always ensured: the third party developer can play too, with no significant barriers to entry into the value-add market.

> -----Original Message-----
> From: general-bounces at openid.net [mailto:general-bounces at openid.net] On
> Behalf Of SitG Admin
> Sent: Wednesday, April 15, 2009 10:41 PM
> To: Santosh Rajan
> Cc: general at openid.net
> Subject: Re: [OpenID] A lesson from history for Facebook
> >By the late 80's Apple was inching closer to bankruptcy, while William
> Gates
> >was laughing all the way to the bank!
> So they spent how many years as the underdog, and how many years
> making a triumphant comeback? (The simplest lessons, especially when
> drawn from the simplest stories, are rarely the *only* lessons to be
> found in history.)
> >Of cource the circumstances for Facebook are different today. But the
> >underlying strategic mistake made by Apple cannot be missed.
> Also note that the Motorola chipsets could be found in non-Apple
> hardware, from companies such as PowerComputing that sold "clones"
> which worked with the Mac OS; that the Macintosh was NOT higher than
> an equivalent PC, after factoring in all the external hardware and
> extra software that would be needed to equip a PC with everything
> that a Mac came with built-in; and that the openness of the OS was a
> much bigger deal for Microsoft when it came to 3rd-party programmers
> making games for their platform.
> >I hope Facebook
> >learns from the past, and chooses to support OpenID as an OP, before
> it is
> >too late.
> What level of "support" were you looking for? It was possible to use
> your Facebook account as an OpenID (v2.0-compatible) nearly two years
> ago (back in early August of '07), using their API to develop the
> appropriate functionality. (Or, if you didn't want to, you could use
> the secondary "OP" of the innovator who first made it possible, as a
> "bridge" from Facebook to the rest of the 'net.)
> -Shade
> _______________________________________________
> general mailing list
> general at openid.net
> http://openid.net/mailman/listinfo/general

More information about the general mailing list