[OpenID] Purpose of OpenID Foundation and the Elections

Eran Hammer-Lahav eran at hueniverse.com
Sun Dec 14 06:55:43 UTC 2008 

First, I hate the term "Open Stack". It is not a stack, it is a bunch of specifications, most of which are far from finished or adopted, which so far can be put together to produce pretty minimal usefulness. Now, give this 'bunch' another year or two and I think you will have a collection of building blocks that can truly empower something great.

My main objection to the "Open Stack" pitch currently proposed is that it doesn't include HTTP, ATOM, XMPP, or other important building blocks. It seems to be discriminating based its common principals (where I usually stick my nose). So far, Portable Contact is the only protocol where this "stack" is applicable, but even there it isn't a stack but a combination of different protocols each providing a different functionality.

---

Second, as a contributor to OAuth and XRD (the new replacement for XRDS/Yadis), I am not in favor of linking these technologies together and suggesting their real value is as a package. They each solve a very specific problem and can be used by open and close products. In addition, OAuth, OpenID, XRD, Portable Contacts, etc. still have a long way to go to establish themselves and get widely adopted. In a recent conversation when someone suggested that OAuth is widely adopted, someone else pointed out that "OAuth has some adoption, TCP is widely adopted".

OpenID has accomplished more than many other protocols in the identity space but the rest of the protocols suggested as part of this package still have a long way to go before they stand on their own two feet.

---

As to where *I* stand with regard to promoting the "Open Stack", I don't. I promote individual protocols and specifications and suggest their application based on the requirements and needs of the engineers building a product. When the product being discussed was Facebook Connect, I expressed my frustration (strongly, on this list) that they did not incorporate at least OAuth, and potentially OpenID in their product. These two protocols are extremely relevant and useful, purely from a specification standpoint.

The OpenID foundation should focus on OpenID adoption. The best way to accomplish that might be showing how OpenID can be used as the basis for a Facebook Connect like service, and in that case, other specifications can be used. OpenID should not abandon its mission and values and turn into an effort trying to selling something "bigger and better" in which the OpenID protocol is just one moving part.

If OpenID cannot stand on its own, and I strongly believe that it *can*, using more "generally related" specifications is not the right approach. It would be like mentioning I know someone famous when my own qualifications for a job are not sufficient.

The OpenID board should focus on OpenID.

EHL



> -----Original Message-----
> From: general-bounces at openid.net [mailto:general-bounces at openid.net] On
> Behalf Of Pat Cappelaere
> Sent: Saturday, December 13, 2008 8:48 AM
> To: david at sixapart.com
> Cc: Martin Atkins; general at openid.net List
> Subject: Re: [OpenID] Purpose of OpenID Foundation and the Elections
>
> David,
>
> But where do you stand?  Is something that you support or not?
> What would you be pushing if you were on the board?
> It seems that you may not have a strong opinion and just want to talk
> about it?
> Pat.
>
> On Dec 13, 2008, at 11:00 AM, David Recordon wrote:
>
> > Hey Pat,
> > I think it's something that is hard to predict the best answer to
> > and a decision that cannot be made by the OpenID community alone.
> > Getting to agreement between communities that we need a marketable
> > brand for the "open stack" is the first step.  The second is
> > deciding what that brand is.
> >
> > Just as the Data Portability group pissed off a lot of people by
> > saying that it would represent their technologies, I'm afraid that
> > if we unilaterally decide that OpenID will be this brand without
> > first spending time talking and working with others that the same
> > will occur.  It isn't just the OpenID community or Foundation to
> > decide that we want OpenID to be this brand, but a collective
> > decision between our community and a few others.
> >
> > If taken lightly, we will fail.
> >
> > --David
> >
> > On Dec 13, 2008, at 1:25 PM, Pat Cappelaere wrote:
> >
> >> I actually was hoping that more candidates would articulate their
> >> positions on that matter :(
> >> Raising a question is not quite sufficient.
> >> Sorry :(
> >> But I would like to thank Tom for declaring his position.
> >> Pat.
> >>
> >>
> >> On Dec 13, 2008, at 5:31 AM, David Recordon wrote:
> >>
> >>> And this is the million dollar question! :)
> >>>
> >>> Should OpenID become the brand of the overall Open Stack or be a
> >>> piece of technology that makes up a new brand.
> >>>
> >>> On Dec 13, 2008, at 3:06 AM, Pat Cappelaere wrote:
> >>>
> >>>> The question was about the branding position of the new board.
> >>>> I am not sure that the OIDF could take over that Open Stack and
> >>>> brand
> >>>> it... Or this is what you are advocating?
> >>>> Thanks,
> >>>> Pat.
> >>>>
> >>>> On Dec 12, 2008, at 9:06 PM, Allen Tom wrote:
> >>>>
> >>>>> Hi Pat,
> >>>>>
> >>>>> Is this question about branding, or a question about the
> >>>>> underlying
> >>>>> protocols and technologies?
> >>>>>
> >>>>> As far as branding is concerned, my personal belief is that there
> >>>>> should be a single Open Stack Brand that includes OpenID, OAuth,
> >>>>> XRD, Portable Contacts, XMPP, and other complimentary protocols.
> >>>>> Most of the news articles that I've seen about Facebook Connect
> >>>>> refer to OpenID as the open alternative to Connect, but OpenID
> >>>>> as a
> >>>>> technology is just a small component of the stack that is needed
> >>>>> to
> >>>>> mimic Connect. Given that OpenID is already perceived to be the
> >>>>> Open
> >>>>> Stack, it might make sense to just group them all into one brand
> >>>>> under OpenID name.
> >>>>>
> >>>>> Speaking as an engineer, in my opinion, it's far more important
> to
> >>>>> actually build and deploy an integrated solution than it is to
> >>>>> worry
> >>>>> about branding. That being said, a solution called OpenID/OAuth/
> >>>>> XRD/
> >>>>> PoCo/XMPP/XFN/hCard deserves a catchy name.
> >>>>>
> >>>>> Allen
> >>>>>
> >>>>>
> >>>>> Pat Cappelaere wrote:
> >>>>>> I would really like to hear from the candidates about OpenID
> >>>>>> branding  and their position on possible brand extension with
> >>>>>> OAuth.
> >>>>>>
> >>>>>> What is their brand definition for OpenID and whether or not
> >>>>>> OAuth
> >>>>>> would be a natural extension?
> >>>>>>
> >>>>>> I really like the discussion that started with Eran and
> Johannes.
> >>>>>>
> >>>>>> Pat.
> >>>>>>
> >>>>>>
> >>>>>>
> >>>>>
> >>>>
> >>>> _______________________________________________
> >>>> general mailing list
> >>>> general at openid.net
> >>>> http://openid.net/mailman/listinfo/general
> >>>
> >>>
> >>
> >
> >
>
> _______________________________________________
> general mailing list
> general at openid.net
> http://openid.net/mailman/listinfo/general

More information about the general mailing list