<html xmlns:v="urn:schemas-microsoft-com:vml" xmlns:o="urn:schemas-microsoft-com:office:office" xmlns:w="urn:schemas-microsoft-com:office:word" xmlns:x="urn:schemas-microsoft-com:office:excel" xmlns:p="urn:schemas-microsoft-com:office:powerpoint" xmlns:a="urn:schemas-microsoft-com:office:access" xmlns:dt="uuid:C2F41010-65B3-11d1-A29F-00AA00C14882" xmlns:s="uuid:BDC6E3F0-6DA3-11d1-A2A3-00AA00C14882" xmlns:rs="urn:schemas-microsoft-com:rowset" xmlns:z="#RowsetSchema" xmlns:b="urn:schemas-microsoft-com:office:publisher" xmlns:ss="urn:schemas-microsoft-com:office:spreadsheet" xmlns:c="urn:schemas-microsoft-com:office:component:spreadsheet" xmlns:odc="urn:schemas-microsoft-com:office:odc" xmlns:oa="urn:schemas-microsoft-com:office:activation" xmlns:html="http://www.w3.org/TR/REC-html40" xmlns:q="http://schemas.xmlsoap.org/soap/envelope/" xmlns:D="DAV:" xmlns:x2="http://schemas.microsoft.com/office/excel/2003/xml" xmlns:ois="http://schemas.microsoft.com/sharepoint/soap/ois/" xmlns:dir="http://schemas.microsoft.com/sharepoint/soap/directory/" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:dsp="http://schemas.microsoft.com/sharepoint/dsp" xmlns:udc="http://schemas.microsoft.com/data/udc" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:sub="http://schemas.microsoft.com/sharepoint/soap/2002/1/alerts/" xmlns:ec="http://www.w3.org/2001/04/xmlenc#" xmlns:sp="http://schemas.microsoft.com/sharepoint/" xmlns:sps="http://schemas.microsoft.com/sharepoint/soap/" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:udcxf="http://schemas.microsoft.com/data/udc/xmlfile" xmlns:wf="http://schemas.microsoft.com/sharepoint/soap/workflow/" xmlns:mver="http://schemas.openxmlformats.org/markup-compatibility/2006" xmlns:m="http://schemas.microsoft.com/office/2004/12/omml" xmlns:mrels="http://schemas.openxmlformats.org/package/2006/relationships" xmlns:ex12t="http://schemas.microsoft.com/exchange/services/2006/types" xmlns:ex12m="http://schemas.microsoft.com/exchange/services/2006/messages" xmlns:Z="urn:schemas-microsoft-com:" xmlns:st="" xmlns="http://www.w3.org/TR/REC-html40">
<head>
<meta http-equiv=Content-Type content="text/html; charset=us-ascii">
<meta name=Generator content="Microsoft Word 12 (filtered medium)">
<style>
<!--
/* Font Definitions */
@font-face
{font-family:"Cambria Math";
panose-1:2 4 5 3 5 4 6 3 2 4;}
@font-face
{font-family:Calibri;
panose-1:2 15 5 2 2 2 4 3 2 4;}
@font-face
{font-family:Tahoma;
panose-1:2 11 6 4 3 5 4 4 2 4;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
{margin:0in;
margin-bottom:.0001pt;
font-size:12.0pt;
font-family:"Times New Roman","serif";}
a:link, span.MsoHyperlink
{mso-style-priority:99;
color:blue;
text-decoration:underline;}
a:visited, span.MsoHyperlinkFollowed
{mso-style-priority:99;
color:purple;
text-decoration:underline;}
span.EmailStyle17
{mso-style-type:personal-reply;
font-family:"Calibri","sans-serif";
color:#1F497D;}
.MsoChpDefault
{mso-style-type:export-only;
font-size:10.0pt;}
@page Section1
{size:8.5in 11.0in;
margin:1.0in 1.0in 1.0in 1.0in;}
div.Section1
{page:Section1;}
-->
</style>
<!--[if gte mso 9]><xml>
<o:shapedefaults v:ext="edit" spidmax="1026" />
</xml><![endif]--><!--[if gte mso 9]><xml>
<o:shapelayout v:ext="edit">
<o:idmap v:ext="edit" data="1" />
</o:shapelayout></xml><![endif]-->
</head>
<body lang=EN-US link=blue vlink=purple style='word-wrap: break-word;
-webkit-nbsp-mode: space;-webkit-line-break: after-white-space'>
<div class=Section1>
<p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#1F497D'>Hello All,<o:p></o:p></span></p>
<p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#1F497D'><o:p> </o:p></span></p>
<p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#1F497D'>Thanks to everyone for the feedback on the changes on OpenID
login on the OpenID.net website. <o:p></o:p></span></p>
<p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#1F497D'><o:p> </o:p></span></p>
<p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#1F497D'>First, our apologies with the trust root problem that originally
pointed to an RPX affiliated trust root. That problem has been fixed.
Here’s the background for anyone who has questions.<o:p></o:p></span></p>
<p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#1F497D'><o:p> </o:p></span></p>
<p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#1F497D'>Refresh Media is the contractor that the OIDF hired to design
and implement the polling and elections platforms. Several weeks ago
after an OIDF meeting we decided we wanted to make sure that the polling and
elections platform were going to be operational in time for an end of the year
election. At the time Bill Washburn was incapacitated due to some medical
problems, so I volunteered to work with Mike Jones and Refresh Media to make
sure the system was operational in time for the elections. <o:p></o:p></span></p>
<p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#1F497D'><o:p> </o:p></span></p>
<p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#1F497D'>After the nominations had started, Refresh Media was having
problems getting OpenID to work for login on the OIDF website:<o:p></o:p></span></p>
<p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#1F497D'><o:p> </o:p></span></p>
<p class=MsoNormal style='margin-left:.5in'><span style='font-family:"Calibri","sans-serif"'>“Our
experience with the "official" Rails plugins for OpenID
authentication has been pretty bad over the last two months.
Specifically, it's been a struggle to get it up to speed with the OpenID
2.0 spec, most significantly adding support for i-names and directed identity.
There would have been probably another week of development required to
overhaul the plugin, but there wasn't enough time to do a proper job for the
board elections. JanRain offered RPX as an alternative to get us up and
running more quickly. We sent Bill Washburn an e-mail in to check to make
sure this was a reasonable approach, but after not hearing back from him made
the switch when the situation became urgent.”<o:p></o:p></span></p>
<p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#1F497D'><o:p> </o:p></span></p>
<p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#1F497D'>The first implementation of RPX was our free RPX Basic version,
which uses the RPX-affiliated trust root since using our Plus or Pro offerings
would have required buying a separate SSL cert. After some OIDF members
expressed concern with the RPX-affiliated trust root, JanRain paid at its own
cost to get a new cert and upgraded the implementation to the Plus, again at no
fee to the OIDF.<o:p></o:p></span></p>
<p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#1F497D'><o:p> </o:p></span></p>
<p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#1F497D'>So the system should be working well now, if not please let us
know.<o:p></o:p></span></p>
<p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#1F497D'><o:p> </o:p></span></p>
<p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#1F497D'>With respect to whether it’s appropriate to be using RPX
on the OIDF website or not, it appears that there has been a diversity of
opinion. Some of the membership has applauded the improvements in ease of
use and reliability, some have concerns about using any vendor products on the official
OIDF site. I will point out that there is no mention of
JanRain nor RPX on the implementation on the OIDF login implementation.
If, after having now fixed the trust root problem, there is still a desire to
remove RPX we can certainly do that but Refresh Media will still have to fix
the initial problems that it was addressing.<o:p></o:p></span></p>
<p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#1F497D'><o:p> </o:p></span></p>
<p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#1F497D'>If a diversity of opinion remains, we could use our newly
implemented polling survey tool to see what the majority of the members would
like to see happen.<o:p></o:p></span></p>
<p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#1F497D'><o:p> </o:p></span></p>
<div>
<p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";
color:navy'>Cheers,</span><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";
color:navy'><o:p></o:p></span></p>
<p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";
color:navy'><br>
Brian<o:p></o:p></span></p>
<p class=MsoNormal><b><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";
color:navy'>==============<o:p></o:p></span></b></p>
<p class=MsoNormal><b><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";
color:navy'>Brian Kissel<o:p></o:p></span></b></p>
<p class=MsoNormal><b><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";
color:navy'>Cell: 503.866.4424<o:p></o:p></span></b></p>
<p class=MsoNormal><b><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";
color:navy'>Fax: 503.296.5502<o:p></o:p></span></b></p>
</div>
<p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#1F497D'><o:p> </o:p></span></p>
<div>
<div style='border:none;border-top:solid #B5C4DF 1.0pt;padding:3.0pt 0in 0in 0in'>
<p class=MsoNormal><b><span style='font-size:10.0pt;font-family:"Tahoma","sans-serif"'>From:</span></b><span
style='font-size:10.0pt;font-family:"Tahoma","sans-serif"'>
general-bounces@openid.net [mailto:general-bounces@openid.net] <b>On Behalf Of </b>David
Recordon<br>
<b>Sent:</b> Friday, December 05, 2008 11:31 AM<br>
<b>To:</b> Chris Messina<br>
<b>Cc:</b> general@openid.net<br>
<b>Subject:</b> Re: [OpenID] Changes to the OpenID Foundation member page login<o:p></o:p></span></p>
</div>
</div>
<p class=MsoNormal><o:p> </o:p></p>
<p class=MsoNormal>Agreed with Chris here. I
don't inherently have a problem with using RPX since it does provide
value, but the trust root needs to be fixed and far more transparency added by
the Foundation when choosing to use a vendor's product.<o:p></o:p></p>
<div>
<p class=MsoNormal><o:p> </o:p></p>
</div>
<div>
<p class=MsoNormal>I'm also concerned about some of the optics when it comes to
JanRain. As far as I can tell JanRain has started a consulting engagement
when one of the developers the OpenID Foundation retained to build the
membership and elections tool. The elections tool now has JanRain's
solution in it.<o:p></o:p></p>
</div>
<div>
<p class=MsoNormal><o:p> </o:p></p>
</div>
<div>
<p class=MsoNormal>Given Brian Kissel's growing involvement in the Foundation
the past few months I would have expected him to disclose this as the CEO of
JanRain especially as he's currently running for a *community* board seat in
the election.<o:p></o:p></p>
</div>
<div>
<p class=MsoNormal><o:p> </o:p></p>
</div>
<div>
<p class=MsoNormal>As to the developer himself, I have no idea if he has a NDA
with JanRain that might have prevented this, if he did disclose it to
the committee of the Foundation that engaged him, or what. I'm
much less concerned about his role in all of this as I'm sure in both engagements
he's just doing what he's being paid to do.<o:p></o:p></p>
</div>
<div>
<p class=MsoNormal><o:p> </o:p></p>
</div>
<div>
<p class=MsoNormal>--David<o:p></o:p></p>
<div>
<p class=MsoNormal><o:p> </o:p></p>
<div>
<div>
<p class=MsoNormal>On Dec 5, 2008, at 11:08 AM, Chris Messina wrote:<o:p></o:p></p>
</div>
<p class=MsoNormal><br>
<br>
<o:p></o:p></p>
<div>
<p class=MsoNormal>On Fri, Dec 5, 2008 at 11:00 AM, Steven Livingstone-Perez
<<a href="mailto:weblivz@hotmail.com">weblivz@hotmail.com</a>> wrote:<o:p></o:p></p>
<p class=MsoNormal>I don't really have much of a say on this (other than being
a new member)<br>
and you may 100% disagree with me, but IMHO there *is* an argument that in<br>
using best of breed products we can demonstrate the power of OpenID to users<br>
... compared with the cost/effort to implement something that already does a<br>
really good job.<o:p></o:p></p>
<div>
<p class=MsoNormal><o:p> </o:p></p>
</div>
<div>
<p class=MsoNormal>No argument there. Making OpenID seem awesome (or live up to
its promised awesomeness) isn't really something that I'm questioning.<o:p></o:p></p>
</div>
<div>
<p class=MsoNormal><o:p> </o:p></p>
</div>
<div>
<p class=MsoNormal>This kind of experience can be done without the use of a
vendor product, though, but requires quite a bit more work and time.<o:p></o:p></p>
</div>
<div>
<p class=MsoNormal><o:p> </o:p></p>
</div>
<div>
<p class=MsoNormal><o:p> </o:p></p>
</div>
<blockquote style='border:none;border-left:solid #CCCCCC 1.0pt;padding:0in 0in 0in 6.0pt;
margin-left:4.8pt;margin-right:0in'>
<p class=MsoNormal>I do understand the endorsement aspect, but on the other
hand the UX is the<br>
biggest issue OpenID seems to have at the moment and it seems to me that<br>
using such products (so long as they are donated as such and not specific<br>
long term to any one company) can only be a positive thing.<o:p></o:p></p>
</blockquote>
</div>
<p class=MsoNormal><br clear=all>
Therein lies the rub. I'm not arguing against using RPX, but for concealing it
in the trust root (since currently people end up trusting *.<a
href="http://rpxnow.com">rpxnow.com</a> rather than <a href="http://openid.net">openid.net</a>
— thereby creating a long term situation that's hard to switch from
(without users having to *reassociate*)) and for getting some transparency into
how the decision to use RPX was made.<o:p></o:p></p>
<div>
<p class=MsoNormal><o:p> </o:p></p>
</div>
<div>
<p class=MsoNormal>I agree with Eran that the experience is better -- but let's
not set a poor precedent in the interest of expediency.<o:p></o:p></p>
<div>
<p class=MsoNormal><o:p> </o:p></p>
</div>
<div>
<p class=MsoNormal>Chris<o:p></o:p></p>
</div>
<div>
<p class=MsoNormal><br>
-- <br>
Chris Messina<br>
Citizen-Participant &<br>
Open Technology Advocate-at-Large<br>
<a href="http://factoryjoe.com">factoryjoe.com</a> # <a
href="http://diso-project.org">diso-project.org</a><br>
<a href="http://citizenagency.com">citizenagency.com</a> # <a
href="http://vidoop.com">vidoop.com</a><br>
This email is: [ ] bloggable [X] ask first [ ]
private<o:p></o:p></p>
</div>
</div>
<p class=MsoNormal>_______________________________________________<br>
general mailing list<br>
<a href="mailto:general@openid.net">general@openid.net</a><br>
http://openid.net/mailman/listinfo/general<o:p></o:p></p>
</div>
<p class=MsoNormal><o:p> </o:p></p>
</div>
</div>
<p class=MsoNormal><br>
<br>
__________ Information from ESET NOD32 Antivirus, version of virus signature
database 3667 (20081205) __________<br>
<br>
The message was checked by ESET NOD32 Antivirus.<br>
<br>
<a href="http://www.eset.com">http://www.eset.com</a><br>
<br>
<br>
__________ Information from ESET NOD32 Antivirus, version of virus signature
database 3668 (20081206) __________<br>
<br>
The message was checked by ESET NOD32 Antivirus.<br>
<br>
<a href="http://www.eset.com">http://www.eset.com</a><o:p></o:p></p>
</div>
</body>
</html>