[OpenID] Fwd: [OpenID Foundation] New Poll Opened

Peter Williams pwilliams at rapattoni.com
Sat Mar 21 01:44:41 UTC 2009 

Openid clearly started with the OP being someone's blogsite - expecting there to be millions of OPs (i.e. you and me) and equal number of RPs. Clearly, vanity delegation was nothing more than adding a few meta tags to your blog's html home page, giving one the ability to use various of your blog site URLs faciliting portability. Even I managed to do test all that (in its essentially original openid1.1 form), and I'm technically incompetent. And  RP was an authenticated comment handler ...on someone's blog site. If the blog provider was hosted (by blogspot), fine. Or, a wordpress installation of a blog server on your enterprise gateway was just as legitimate to hosted blogs in livejounrnal, say. Host a serer yourself or be a tenant of a blogservice - it made no difference to your status as an OP.

Now, we never hear of that world any longer. The founders seems to change orientation, right about the time I started focusing on openid. And to be fair, it was and still is the mega-OP with openid2 capabilities that drives our commercial interest (seeing as they can nowhandle the ~6 million accounts of users who occasionally come to our site, now to authenticate using websso - or "identity verification"). At the same time, for realtors themselves (vs the public who search realtor listings), the peer-peer model is also important; and there are a million of these (each with their own web2.0 portal, offering a variety of "professional" services to their homeowner clients).

Since Openid2, all I ever hear is about yahoo, paypal, google, facebook, myspace and live - who will each govern (n00 million) users. The users (and nominal owners of a blog site) are no longer the OP: s/he is a merely "subscriber" to an OP service - which will "speak for" the "site owner" under their brand rather than the individual's "brand". The rules and interaction with an RP will be the OP's decision (no longer the subscriber). If the subscriber wants to do this or that trust model with the RPs, it is now irrelevant. You want to use Yahoo, it WILL be ssl and their UI design rules (whether the original OP/site wants it, or not).

Am I wrong that the founders (who obviously knowingly migrated to the world of openid2, and directed id in particular) changed focus? Did you move the notion of  OPs from being those x00,000 owners of blog sites (who can set their own policy) to the (small number of) large portal firms that now host n00,000 "tenants" each - all acting under a single brand and security policy?


> -----Original Message-----
> From: general-bounces at openid.net [mailto:general-bounces at openid.net] On
> Behalf Of Martin Atkins
> Sent: Friday, March 20, 2009 4:27 PM
> To: general at openid.net
> Subject: Re: [OpenID] Fwd: [OpenID Foundation] New Poll Opened
>
> Peter Williams wrote:
> >
> > OpenID on the
> > other hand started peer/peer, and is rapidly he[Peter Williams]  adding into the TTP
> space
> > (where I suspect its founders wanted it all along).
> >
>
> Your suspicions are incorrect.
>
> Its "founders" (which I choose to understand as those who started the
> project, which started with Brad Fitzpatrick and fanned out to a number
> of others including myself) imagined it originally as a solution to the
> problem of allowing users of LiveJournal.com to leave comments on
> DeadJournal.com and vice-versa; that it ended up being a user-centric,
> decentralized system tis largely a symptom of the culture of the
> LiveJournal developers.
>
> The original OpenID was designed to operate without SSL at all, with
> parties establishing associations on the fly with no verification, and
> it remains that way today on LiveJournal.com. Some folks wanted the
> benefits that SSL brings, and that's fine... no-one's forcing you to
> use
> SSL right now. I fought SSL being a requirement for OpenID 2.0 and I
> will continue to fight it as I believe it should be up to each party to
> decide whether it needs the benefits SSL provides.
>
>
> _______________________________________________
> general mailing list
> general at openid.net
> http://openid.net/mailman/listinfo/general

More information about the general mailing list