[OpenID] Google's proprietary discovery extension?

Wed Jul 29 02:37:12 UTC 2009

Apparently there are people unhappy about this Google Initiative.
http://www.readwriteweb.com/enterprise/2009/07/openid-for-google-apps-is-here.php
http://www.readwriteweb.com/enterprise/2009/07/openid-for-google-apps-is-here.php 

Were I come from there is an old saying that goes "If you don't sit on your
chair, your dog will sit on it". 
And that is exactly what has happened. The so called unhappy folks did
nothing for the last two years, since 2007, (release of 2.0). So what is
there to crib about now?

Peter Williams wrote:
> 
> What I most like about this initiative - apart from the technical content
> - it it breaks a taboo: that vendor-endorsed extensions are entirely
> proper. That is, you dont HAVE to beg openid foundation for permission to
> extend the openid auth protocol, or register it with some foundation
> controlled authority.
> 
> This opens the market for LOTS and lots of discovery extensions now, from
> lots of folks with new (and old) ideas about trust management.
> 
> 
> ________________________________
> From: general-bounces at openid.net [general-bounces at openid.net] On Behalf Of
> Eric Sachs [esachs at google.com]
> Sent: Tuesday, July 28, 2009 8:29 AM
> To: Breno de Medeiros
> Cc: general
> Subject: Re: [OpenID] Google's proprietary discovery extension?
> 
> The Google announcement of this new OpenID service has now been formally
> posted at
> http://googlecode.blogspot.com/2009/07/google-apps-openid-identity-hub-for.html
> 
> On Fri, Jul 10, 2009 at 11:13 AM, Breno de Medeiros
> <breno at google.com<mailto:breno at google.com>> wrote:
> There is a proposal for a webfinger protocol based on standards (the IETF
> LRDD proposal and either (optionally signed) XRDS or the newly proposed
> (optionally signed) XRD format) that would allow users to type
> 
> 'google.com<http://google.com>'
> 
> or their email address,
> 
> and it would just work. It would also work for users of Google Apps for
> Your Domain, that have email addresses that are not
> @gmail.com<http://gmail.com> or @googlemail.com<http://googlemail.com>.
> These users comprise a significant portion of our user base.
> 
> Hopefully the community will be excited about these possibilities and will
> embrace a new vision for discovery that supports all users. We at Google
> have NOT been working on this behind the scenes. For instance, see John
> Panzer's blog post on webfinger at http://www.abstractioneer.org/, our
> involvement in the XRI TC (see the markmail links in Eric's message), and
> many emails that we have exchanged in the various openid mailing lists
> about discovery in the past several months. We have also added our names
> to a proposal for an OpenID discovery WG
> http://wiki.openid.net/OpenID-Discovery
> 
> We invite all that are excited about possibilities with a new discovery
> mechanism (supporting email and xmpp addresses as OpenID identifiers,
> improving security of discovery, making it more flexible to work with
> hosted applications, etc.) to
> contribute with momentum to move this forward.
> 
> On Thu, Jul 9, 2009 at 10:14 AM, Eric Sachs
> <esachs at google.com<mailto:esachs at google.com>> wrote:
>>> I haven't heard anything about this except from this one article.
> 
> In terms of more background on the evolving discovery standards, the best
> information is actually on a blog run by Eran Hammer-Lahav at Yahoo who
> has led a lot of the work in this space.  Here is a hyperlink which will
> show you all the blog posts he has done about "discovery" and he has done
> a good job of trying to provide background.
> http://www.hueniverse.com/hueniverse/discovery/
> Note though that this work is not specific to OpenID, but instead is to
> try to provide a generic discovery mechanism that can be used my multiple
> protocols.
> 
> If you want to join some of the discussions, here are links to a few
> threads:
> http://lists.oasis-open.org/archives/xri/200905/msg00025.html
> http://markmail.org/message/rup4ikec43bk4wkg
> http://markmail.org/message/5ckiqdzjguipa3qf
> We do still want more community discussions about discovery, and its
> application to OpenID.  While these standards are being refined, we are
> providing a proof-of-concept implementation of a next-generation OpenID
> discovery protocol. While some of the details of this
> proof-of-concept-implementation are different from what the eventual
> standards are likely to look like (e.g., we're using XRDS instead of XRD
> for discovery documents, and are using temporary namespaces), we believe
> all the necessary pieces are there.  For nitty gritty details, see
> http://sites.google.com/site/oauthgoog/fedlogininterp/openiddiscovery
> 
> 
> 
> On Thu, Jul 9, 2009 at 9:59 AM, Andrew Arnott
> <andrewarnott at gmail.com<mailto:andrewarnott at gmail.com>> wrote:
> Oops.... I sent my email to the wrong list.  See below.
> 
> --
> Andrew Arnott
> "I [may] not agree with what you have to say, but I'll defend to the death
> your right to say it." - S. G. Tallentyre
> 
> 
> On Thu, Jul 9, 2009 at 9:58 AM, Andrew Arnott
> <andrewarnott at gmail.com<mailto:andrewarnott at gmail.com>> wrote:
> From
> http://www.readwriteweb.com/archives/google_to_announce_major_identity_initiative_for_1.php
> 
> OpenID relying parties will need to be redirected from the domain provided
> at user login over to Google's OpenID service. In order for this redirect
> to happen, all relying parties will need to start looking for a new OpenID
> extension that Google has developed and implemented in conjunction with
> one relying party technology, JanRain's RPX<http://www.janrain.com/>.
> 
> Is this just FUD about Google?  I haven't heard anything about this except
> from this one article. And Google's own OpenID for Google
> Apps<http://code.google.com/intl/ja/apis/accounts/docs/OpenID.html> page
> says nothing about a special extension.
> 
> 
> --
> Andrew Arnott
> "I [may] not agree with what you have to say, but I'll defend to the death
> your right to say it." - S. G. Tallentyre
> 
> 
> _______________________________________________
> general mailing list
> general at openid.net<mailto:general at openid.net>
> http://openid.net/mailman/listinfo/general
> 
> 
> 
> _______________________________________________
> general mailing list
> general at openid.net<mailto:general at openid.net>
> http://openid.net/mailman/listinfo/general
> 
> 
> 
> 
> --
> --Breno
> 
> +1 (650) 214-1007 desk
> +1 (408) 212-0135 (Grand Central)
> MTV-41-3 : 383-A
> PST (GMT-8) / PDT(GMT-7)
> 
> _______________________________________________
> general mailing list
> general at openid.net
> http://openid.net/mailman/listinfo/general
> 
> 

-----

Santosh Rajan
http://santrajan.blogspot.com http://santrajan.blogspot.com 
-- 
View this message in context: http://www.nabble.com/Re%3A-Google%27s-proprietary-discovery-extension--tp24414092p24711421.html
Sent from the OpenID - General mailing list archive at Nabble.com.