[OpenID] Musing on FaceBook, OpenID and the next mountain to climb

Johannes Ernst jernst+openid.net at netmesh.us
Wed Jul 30 19:30:49 UTC 2008 

I don't think we have all the pieces. For example, we don't have a  
standard way of "carrying" the social network around. Or how to use  
OpenID auth together with OAuth.

Also, if we look at it as an integrated stack and from a  
"productization" perspective, it needs to become much tighter at the  
very least -- I agree that we have many pieces, but how to join them  
is left as an exercise to the implementor, which reduces the  
likelihood of out-of-the-box interoperability -- something absolutely  
needed for this business case.

I'd like to get some work started on these issues.

On 2008/07/30, at 11:37, David Recordon wrote:

> Is it a question of the technology being able to do this or someone
> showing it can be done with it?
>
> Is there really anything that Facebook did that couldn't be
> accomplished with OpenID Authentication 2.0 and OpenID Attribute
> Exchange?  Might it be more evaluating the technology we have right
> now, why it isn't being used to build something like Facebook Connect,
> and then solving that problem versus starting with the idea that we
> need to create more technology?  I do think we'll see Facebook adopt
> OpenID just like MySpace has done; OpenID as the identity transport
> with bits on top to handle profile and API information.
>
> The model of moving all the data during the initial request doesn't
> seem to be the model that is being adopted.  Instead a model where
> OpenID is combined with OAuth to provide initial identity plus the
> needed bits to make future API requests is taking off.
>
> --David
>
> On Jul 29, 2008, at 9:05 PM, Johannes Ernst wrote:
>
>> Like others, I've been amazed about what Facebook has put together
>> with Facebook Connect as announced last week.
>>
>> Their proposition for relying parties seems to be:
>>
>> - single-sign-on across the web with a simple user experience
>> - high-quality identity information available to RPs
>> - social network information available to RPs
>> - communication from RP into the social network of the user
>>
>> and IMHO, that is indeed a great business proposition for RPs.
>>
>> Of course, they seem to be building this with Facebook-specific
>> protocols, but that's not surprising given that the OpenID
>> technology stack right now is insufficient to accomplish what they
>> wanted to accomplish. But not dramatically so -- it might just be
>> plugging some other technologies into OpenID (like XFN or FOAF etc.)
>> and filling in some gaps if one wanted to do that.
>>
>> So ... methinks we should grow the OpenID stack over the next 6-12
>> months to be able to do all of this (and more?) with open
>> technologies. This would also make OpenID much more interesting to
>> relying parties...
>>
>> Open protocols are clearly necessary to grow the entire market,
>> which would be in the interest of everybody including Facebook.
>>
>> Anybody up to getting an OpenID working group started up to work on
>> this?
>>
>> [Feel free to respond on the list or privately.]
>>
>>
>>
>> Johannes Ernst
>> NetMesh Inc.
>>
>>
>> <openid-relying-party-anonymous.gif> <lid.gif> http://netmesh.info/jernst
>>
>> _______________________________________________
>> general mailing list
>> general at openid.net
>> http://openid.net/mailman/listinfo/general
>
>
> _______________________________________________
> general mailing list
> general at openid.net
> http://openid.net/mailman/listinfo/general

More information about the general mailing list