FW: Connect Work Group proposal

Brian Kissel bkissel at janrain.com
Sat May 22 15:51:20 UTC 2010


This is GREAT feedback that the OIDF should take to heart - thank you Dan.


How can we communicate to the marketplace how all our WG initiatives are
related to each other, what the high level objectives and timing are for
each, who is leading them, how folks can participate, etc.  Is this
something we should list in summary fashion on the OIDF website, with
links to the various WG sites?

Dan, in addition to the sample charter that you referred us to
http://datatracker.ietf.org/wg/oauth/charter/, are there any good examples
of how a SIG, Foundation, SDO, etc. presents the relationships between
various working group initiatives?  Would be good to emulate the best
practices already being used by others.

Cheers,

Brian
___________

Brian Kissel
CEO - JanRain, Inc.
bkissel at janrain.com
Mobile: 503.342.2668 | Fax: 503.296.5502
519 SW 3rd Ave. Suite 600  Portland, OR 97204

Increase registrations, engage users, and grow your brand with RPX.  Learn
more at www.rpxnow.com


-----Original Message-----
From: openid-specs-bounces at lists.openid.net
[mailto:openid-specs-bounces at lists.openid.net] On Behalf Of Dan Brickley
Sent: Saturday, May 22, 2010 1:35 AM
To: David Recordon
Cc: Roessler Thomas; openid-specs at lists.openid.net
Subject: Re: Connect Work Group proposal

+cc: Thomas Roessler
> On Sat, May 22, 2010 at 8:42 AM, David Recordon <recordond at gmail.com>
wrote:
> Hey Hans,
> Rough consensus is the minimum bar and at times may be the greatest
> possible consensus. It is also possible that the group reach consensus
> greater than rough.

 Hi David,

 This seems like interesting and useful work and I'm glad to see it
 being brought under a chartered, documented process. However I share
 some of Dick's concerns ("Please explain what problem(s) you are
 trying to solve"). Unless you write down very explicitly the problems
 you think you're solving with this work, you'll find it very difficult
 to measure consensus, let alone achieve it. Lack of written
 requirements and goals will also make it harder for those outside the
 group (and outside the current OpenID world) to understand what you're
 attempting, to estimate your chances of success or likely timeline, or
 to determine whether and how to engage with it.

 If this were a W3C group, at this stage I would expect the Foundation
 to have an idea who the initial chair(s) of the group are, and how
 it's deliverables looked on a draft timeline. I don't know IETF habits
 so well, but something like the 'Goals and Milestones' section in
 http://datatracker.ietf.org/wg/oauth/charter/ would seem appropriate
here.

 It is also traditional for chartered standards activities to be a
 little more specific about their relationship to other groups (and
 their deliverables). Since the OpenID Foundation is a relatively new
 player, your audience will need some help understanding the extent to
 which the Foundation imposes a requirement on its own groups to
 produce architecturally consistent deliverables. As you are also
 basing this effort on work-in-progress from an IETF group, and since
 many of us around W3C are trying to work out how this fits into the
 wider Web standards landscape, it is important to be tediously
 specific here.

 Some standards 'brands' have a reputation for allowing lots of
 parallel work in related fields without strong top level
 'interference' or coordination; others have a reputation for having a
 process that is slower due to an expectation of ensuring broad
 consistency across related work. You will need to help us learn what
 to expect from the OpenID Foundation. The fact that this is a
 single-topic standards body will raise expectations of strong
 consistency (between Connect and v.Next, in this case); the general
 hands-on 'web 2' / 'social web' culture of 'hey, let's just do it!'
 perhaps raises expectations that speed and pragmatism are valued over
 heavy integration. I should stress that neither end of the spectrum is
 'right' here; good work comes in all these styles. But when you simply
 list "OpenID v.Next Working Group proposals." as related work, and
 don't give a timeline, specific dependencies or constraints, it
 becomes impossible for outsiders to understand the way things work
 here. Dick's mail shows that even OpenID insiders don't all have a
 common view.

 The more that can be written in your charter up-front, the better this
will go.

 If and when you launch this group, please try to think through how it
 looks to those in the outside world! Many parties out there can't
 afford to track the fine-grained detail of the OpenID scene, and look
 for the larger trends. A v.Next and a Connect initiative launched at
 the same time will need some care, otherwise - to be blunt - it looks
 like chaos. Perhaps a creative, exciting  chaos, but one that external
 parties won't want to plan around. When Apple's new iPhone leaks,
 people stop buying the old ones. When a new OpenID WG launches, people
 stop hacking on OpenID v-last-year software implementations. When
 *two* new  future-of-OpenID WG efforts launch, people lose any sense
 of what's going on. If you were working hard on implementing OpenID
 and saw the Foundation launch two new groups whose charters barely
 mentioned each other, would you feel confident about spending time
 continuing to implement?

 If this is expected to be the main current trunk of the Foundations
 work on OpenID, the Foundation (and hence charter) should say so
 explicitly. If it is expected to be accompanied by a v.Next sibling
 group, please say what the interactions are to be with that group; how
 will responsibilities and themes be managed? If it is essentially a
 research or incubator group, created to map out the design space of
 possible Oauth-layered OpenID systems, and to understand and document
 the security, usability and deployment characteristics of different
 designs, please say so. I hate to be so boring about this but you
 can't afford to have a charter that just says "trust us", ie. "[we]
 have strong relationships in many of these communities and do not
 anticipate the need of formal liaisons". Many groups outside the inner
 circle here are looking to this work and are trying to understand
 whether (and when) the OpenID community will deliver something they
 can have strong dependencies on.

 My reading of the draft is that it is essentially investigative; a
 support / research / prototyping group. I get that from counting the
 number of times 'explore' is used (eight :). I guess therefore that no
 other OpenID Foundation group has strong dependencies on it, and it is
 intended to serve as a more exploratory sibling activity to any V.Next
 'main track' work.

 For this to be feasible I think you need to add:

 * explicit requirements (you have long lists of technical and other
constraints in your heads; please write them down!)
 * explicit goals and timeline
 * names of initial chair(s) of the WG; whose job is it to keep the
work on track?
 * explicit statement of relationship with any v.Next activities, however
drafty

 Now it is quite possible that this exploratory WG discovers something
 fantastic which should be brought into the main V.Next track of OpenID
 ASAP. If the charter had a 'end Aug 2010: provide a report on any
 discovered fantasticness to the v.Next WG' bullet point, we could
 start to imagine a V.Next WG charter which had 'Sept 2010: review of
 Connect work for possible fantastic ideas'. If you think this could
 all happen by the end of June, let's write that down. If the V.Next
 charter drafters think they could be open to OAuth-based stuff along
 the lines of Connect until -say- July, but after that, they'll have
 picked a design, then let's have their charter reflect that too.

 cheers,

 Dan
_______________________________________________
specs mailing list
specs at lists.openid.net
http://lists.openid.net/mailman/listinfo/openid-specs


More information about the specs mailing list