[OpenID] Yahoo hijacking?

Sat Apr 19 19:06:20 UTC 2008

I agree we are dealing with the topic of appearance. So lets generalize this discussion, since Yahoo! and Janrain both find themselves in the hotseat over appearance issues (about which I have little negative opinion, on either score). For me the issue is not these two leaders first-mover activities - its the display of the Foundation's leadership style I care to comment on; how its Board members behave over - or induce and/or fan the flames of -  appearance flaps.

Governance is hard, and good governance in the glare of publicity is even harder - if not impossible. Rhetorical positioning based on notions such as "appropriateness" are extremely dangerous in early-phase, essentially "non-commercial" communities. Start mixing these mature-phase control paradigms with even the hint of a regular communication campaign based on using threats of "serious (VeriSign legal dept) consequences" if one "dares" to counter the patent covenant policy (already happened) and then focus (within just a week of being given the power) on litigation frameworks given the "imperative" to be seen to engage in trademark enforcement (now happening) we must recognize that it all sets a first impression "tone". And, its an awful tone to start out with in a new grass-roots culture with immature political processes.

I generally like the tone our friend from LID takes, mostly because it seems ultra genuine and its also very practical in an end-user world with post-SSL awareness levels, the general awareness of people on government and corporate spying capabilities, and the fact that we are acting in a global theatre dealing with difficult global vs national policy issues. On "compliance", the LID line comes across as very effective and tactical (and this is my interpretation): we affirmatively lead with the  policies of not using "reference code" and not using discriminating "compliance testing" and letting a community self-define its own interworking excellence criteria  -- because we *know* that this counter-cultural practice is needed to garner the *kind* of adoption we (the adopting community!) are after.  This is the kind of grass-roots leadership I respect and want to see (even when I don't agree with it);  not "appearance management".

From: Max Metral
Sent: Sat 4/19/2008 7:43 AM
To: Peter Williams; Allen Tom
Cc: general at openid.net
Subject: RE: [OpenID] Yahoo hijacking?

This is a reply to an off-list message that I felt should be on-list, so I removed the original message.  Apologies if some context is lost.

I think my argument starts with an appropriateness argument and is using that to push a compliance definition that supports it.  And while I'm not sitting here waving a US flag, the version of the "mechanism" I'm trying to use here is market force.  From my Passport days I'm basically suggesting that if this "story or concern" were to take hold it would be very damaging to OpenID overall.  If potential adopting sites come to believe that there's a non-negligible chance that sending someone off to signin with OpenID is the last time they'll see them, and in this case that on the margin, the IDP is potentially competing with the RP for the users attention, we're in trouble.

I don't think Allen and/or Yahoo are trying to be evil here.  I don't think there were hour long meetings trying to figure out how to screw the RPs.  I just think appearances here are important, especially when you're the #1 trafficed site on the internet and you're about to join MSFT (good luck with that, been there, was fun, buy the book, eat the food, etc).

At the very least, one possible solution would be saying more with the link.

"I do not want to login, take me to Yahoo"

And perhaps a second like

"I do not want to login, take me to Foobar.com"

Or a combination

"I do not want to login, take me to >Foobar.com< or >Yahoo.com<"

--Max

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-general/attachments/20080419/f38787db/attachment-0002.htm>