Enterprise Concerns
Johannes Ernst
jernst+openid.net at netmesh.us
Tue May 29 21:20:55 UTC 2007
Amen. Great list.
I would add one more: let's focus single-mindedly on things that we
actually know are demanded by the market without which adoption does
not occur, instead of growing the amount of technology that needs to
be implemented into places where ROI (for implementors, deployers,
users, ...) is at best uncertain.
Okay, I'm exaggerating. But directionally, I don't think I'm wrong --
witness the discussion about the "complexity" of Authentication 2.0
and the perceived relative benefits.
On May 29, 2007, at 13:33, McGovern, James F ((HTSC, IT)) wrote:
> Been silently observing many of the email exchanges over the last
> couple of weeks and from an end-customer perspective I am somewhat
> concerned. Some of the general themes I have observed are:
>
> 1. Too much focus on breaking compatibility with OpenID 1.1. While
> you have had some success, now is the time to break things. It is
> more important to get to the right long term approach earlier in
> the lifecycle.
>
> 2. Too much focus on being unphishable. While this is important and
> foward progress should happen, I don't think that this should be
> the only focus. I salute Kim Cameron for getting folks off their
> butt to solve this problem though.
>
> 3. Publish, publish, publish. Stop iterating and start publishing.
> The draft is way overdue and folks will not pay attention to a
> specification where velocity of change is occuring this frequently.
>
> 4. Tackle and discuss issues head on. I have seen several valid
> issues where folks way too easily dismissed the concern stating
> cliche phrases such as not in scope, someone else's problem, etc.
>
> 5. Not soliciting end user feedback. The observation is that there
> are lots of folks attempting to create a product around the spec
> and are simply iterating in order to be interoperable but haven't
> asked themselves is this what buyers of software actually desire.
> Many of the features that make this interesting seem to go ignored
> (e.g. attestation, authorization, support for XACML, etc)
>
>
> **********************************************************************
> ***
> This communication, including attachments, is
> for the exclusive use of addressee and may contain proprietary,
> confidential and/or privileged information. If you are not the
> intended
> recipient, any use, copying, disclosure, dissemination or
> distribution is
> strictly prohibited. If you are not the intended recipient, please
> notify
> the sender immediately by return e-mail, delete this communication and
> destroy all copies.
> **********************************************************************
> ***
>
> _______________________________________________
> specs mailing list
> specs at openid.net
> http://openid.net/mailman/listinfo/specs
Johannes Ernst
NetMesh Inc.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: openid-relying-party-authenticated.gif
Type: image/gif
Size: 903 bytes
Desc: not available
URL: <http://lists.openid.net/pipermail/openid-specs/attachments/20070529/32685a5a/attachment-0004.gif>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: lid.gif
Type: image/gif
Size: 973 bytes
Desc: not available
URL: <http://lists.openid.net/pipermail/openid-specs/attachments/20070529/32685a5a/attachment-0005.gif>
-------------- next part --------------
http://netmesh.info/jernst
More information about the specs
mailing list