<HTML dir=ltr><HEAD></HEAD>
<BODY>
<DIV id=idOWAReplyText97692 dir=ltr>
<DIV dir=ltr><FONT face=Arial color=#000000 size=2></FONT>Ok. We had a storm in a tea cup. We are left reading the tea leaves - which is always fun.</DIV>
<DIV dir=ltr> </DIV>
<DIV dir=ltr>Why was it so important to make the original distinction, and then "stand by truth" .. focusing on particular wording? All I really noted was the "original tone" and was querying the "intent". Im still interested in the thought train. There is an obvious sensitivity around this issue, or something underlying the issue.</DIV>
<DIV dir=ltr> </DIV>
<DIV dir=ltr>The actual distinction being ultimately drawn is of course rather similar to the third party (vs. Yahoo!) who made a OpenID/Yahoo gateway a while back (presumably using Yahoo's membership API). It was a nice precursor to the "Official" support - and only received plaudits. Presumably, it either died after the Yahoo OpenID launch ...or ...the programmer improved to update his/her design ideas with the design profiling Yahoo did - in the usual tit-for-tat "improvement" cycle that usually spurs the web's continual improvement.</DIV>
<DIV dir=ltr> </DIV>
<DIV dir=ltr>Perhaps, if google has been addressed and yahoo has been addressed by gatewaying, all that remains now for that sector of the web id space is for someone to build an OpenID/Passport/LiveID gateway. As I recall, there was a LiveID prototype STS in the cloud, for a while. There is no shortage of ws-trust client sample code to ping the STS as an authentication source, before one casts the result as OpenID. (I already have a federation partner who has the done the jabber gateway.)</DIV>
<DIV dir=ltr> </DIV>
<DIV dir=ltr>If I generalize the topic now, I did note in browsing some Shibboleth design session notes on an Internet2 wiki that Scott Cantor has previously expressed reservations on gatewaying - on the grounds (and here I interpret a little) that they interfere with privacy features. The point being, I think, that the very notion of gatewaying sp-initiated flows back to back (and yet further back-to-back WITHOUT formalized proxy control signaling) interferes with the writer-to-reader (end-to-end) assumptions that the security services built into the websso protocols usually make, in their privacy-enhanced signaling. While cardspace clearly has the capability to enforce writer-to-reader (relying on TPM to TPM and crypto control system to enforce an ORCON policy), its making broad assumptions about trust hardware and trust OS deployment that is of course not "yet viable," in today's web.</DIV>
<DIV dir=ltr> </DIV></DIV>
<DIV dir=ltr><BR>
<HR tabIndex=-1>
<FONT face=Tahoma size=2><B>From:</B> Will Merydith<BR><B>Sent:</B> Fri 4/11/2008 2:45 PM<BR><B>To:</B> Paul Madsen<BR><B>Cc:</B> Peter Williams; general@openid.net<BR><B>Subject:</B> Re: [OpenID] Supporting OpenID<BR></FONT><BR></DIV>
<DIV><PRE style="WORD-WRAP: break-word">Understood - frankly I'm embarrassed for associating the app engine
with Google "official" support. I know better.
However in my defense there is nothing on that page to make it plain
(to the average user) that that application is not a Google
application.
I do still sense a bit (or a lot) of PR bagging here on the part of
Microsoft and Google. Which is a reality I know but still
frustrating.
On Fri, Apr 11, 2008 at 4:36 PM, Paul Madsen <paulmadsen@rogers.com> wrote:
> Peter, indeed. Google, through Blogger, already meaningfully supports
> OpenID as an OP.
>
> Will's original question was on the provenance of the openid-provider
> built on Google's app engine.
>
> I stand by my characterization of that app as 'nothing to do with
> Google', in the sense of supporting OpenID. That Google supports OpenID
> elsewhere (in Blogger) is a different matter.
>
> Regards
>
> Paul
>
>
>
> Peter Williams wrote:
> > Is blogspot google, or not? (irrespetive of any other google-related initiative)
> >
> > I honestly care. Corporate endorsement via practice is far more valuable then any amount of pr grade endorsements. For example inkblots was was not the best endosremet via practive microsoft could have made (irrespective of the validity of inspots as a nuveau auth technique).
> >
> > -----Original Message-----
> > From: Paul Madsen <paulmadsen@rogers.com>
> > Sent: Friday, April 11, 2008 4:45 PM
> > To: Peter Williams <pwilliams@rapattoni.com>
> > Cc: general@openid.net <general@openid.net>
> > Subject: Re: [OpenID] Supporting OpenID
> >
> > Peter, please 'opine' further how you think my email was
> >
> > a) part of a campaign
> > b) dubious
> >
> > I simply explained to Will the reality of the relationship between
> > Google and the OpenID provider built on its app engine.
> >
> > I am active in Liberty, but not in Sun. Their strategies are their own.
> >
> > Regards
> >
> > paul
> >
> > Peter Williams wrote:
> >
> >> I should opine more.
> >>
> >> Im currently of the opinion that certain folks aligned with liberty alliance are engaged in a messaging campaign of dubious repute. I was VERY depressed at an rsa conference session by folks from sun, for example. Couched in entirely valid technical analysis were a series of corporate non-endorsement messages (in my view). I'm wizened enough in silicon valley politics to know to contrast the frontroom from the backroom signals.
> >>
> >> I was not impressed by sun being just yet another idp (that also ran) vs an rp. Being an idp takes no effort.
> >>
> >> -----Original Message-----
> >> From: Peter Williams <pwilliams@rapattoni.com>
> >> Sent: Friday, April 11, 2008 4:23 PM
> >> To: Paul Madsen <paulmadsen@rogers.com>; Will Merydith <will.merydith@gmail.com>
> >> Cc: general@openid.net <general@openid.net>
> >> Subject: Re: [OpenID] Supporting OpenID
> >>
> >> Why do you say this?
> >>
> >>
> >>
> >> 2) what you perceive as Google support for OpenID actually has nothing
> >> to to with Google
> >>
> >>
> >> Google may have started as as search engine, but it presented itself (and its subsidiarues) as a manged service provider at the rsa show, like a hundred others vying for control over the cloud.
> >> _______________________________________________
> >> general mailing list
> >> general@openid.net
> >> http://openid.net/mailman/listinfo/general
> >>
> >>
> >>
> >
> >
>
> --
> Paul Madsen e:paulmadsen @ ntt-at.com
> NTT p:613-482-0432
> m:613-282-8647
> aim:PaulMdsn5
> web:connectid.blogspot.com
>
> _______________________________________________
> general mailing list
> general@openid.net
> http://openid.net/mailman/listinfo/general
>
--
will.merydith@gmail.com
cell 641.233.7548
CTO - 3Mix.com
Blog - LivingInSmallSizes.com
</PRE></DIV></BODY></HTML>