<html><body bgcolor="#FFFFFF"><div>Paas vs saas. Platform as a service.</div><div><br></div><div>Btw: after I heard the salmon story pull together atom feeds, feed aggregation, xrd discovery, webfinger lookups, openid sessions to access per user signing services for comments flowing back to the master repository from an aggregator, oauth autosigning of messages between by mta nodes ( sorry i meant atom syndicators and channel aggregators), and then heard how wssecurity sts and token rewriters and securitycontexttokens were being exposed now to the world of rest using wrap... I said to myself: my god, they are building a webos. I'd just seen a secure "enterprise" bus, using web scalable technology to build now distributed-webapps.</div><div><br></div><div>This Is certainly paas vs saas.</div><div><br></div><div>Anyone with sound judgement buys into openid/oauth hybrid r&d on that story alone. But one has to admit, it's a different pitch to the one folks used to tell. It's much bigger and much more profound than the saml websso and pdp/pep story</div><div><br></div><div> <br><br>Sent from my iPhone mean </div><div><br>On Nov 13, 2009, at 1:42 PM, John Panzer <<a href="mailto:jpanzer@google.com">jpanzer@google.com</a>> wrote:<br><br></div><div></div><blockquote type="cite"><div><div class="gmail_quote">On Fri, Nov 13, 2009 at 1:16 PM, Peter Williams <span dir="ltr"><<a href="mailto:home_pw@msn.com"><a href="mailto:home_pw@msn.com">home_pw@msn.com</a></a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex;">
<div bgcolor="#FFFFFF"><div>The web changed Internet email culture, with many of the older communication patterns being lost. Out went most of the humor (and trust). In came standardized messaging, much as is used when running a corporation.<br>
</div></div></blockquote><div><br></div><div>Well, in my day we used bang-path addresses. And we liked 'em! (No, we hated 'em.)</div><div> </div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex;">
<div bgcolor="#FFFFFF"><div></div><div><br></div><div>Remember the old adage: when assigning malice or Incompetence as motive, it's almost always incompetence.</div><div><br></div><div>I am indeed a bit frustrated, I suppose - as evidently im as ignorant (and thus as practically incompetent) as I was when I for one started looking at openid. It took me nearly 3 years to understand xri, xrds, name resolution, localid synonyms, yadis and openid...so I could comprehend what folks pitched as s's main differentiator over a saml infrastructure: uci and trust network management offloaded to ibrokers. By the time id fathomed all that and java and openxri libraries and could finally program and sign an xrd usable by my yadis consumer from my own trust network connected to the public name resolvers, uci is (sigh) no longer the central thrust of the movement. Now it's all been inverted, to be all about offloading domain endpoints to paas vendors and securing restful Apis with hmacs. (why not just add an ssl record layer protocol instead!!)</div>
</div></blockquote><div><br></div><div>Not sure what paas is. I personally believe UCI is important; I view outsourcing as one valid option which individuals can choose. And unless you can talk to APIs using something other than HTTP Basic or proprietary auth, UCI doesn't even have a chance to enter the picture.</div>
<div> </div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex;"><div bgcolor="#FFFFFF"><div><br></div><div>At the same time, it's all if the web gets universal (rsa) signed xrd to update and replace signed domain certs and cert chains.</div>
<div><br></div><div>I'll be happy if ietf includes a normative signed xrd example in the host meta profile. Then it's all been worth it.</div></div></blockquote><div><br></div><div>I'll be happy with valid, working examples too. Especially ones someone could copy and paste to do a parsing & validation check against a new library.</div>
<div><br></div><div>It's not clear to me where the discussion for host-meta should be happening to be honest. At the moment I'm throwing everything at <a href="http://groups.google.com/group/webfinger"><a href="http://groups.google.com/group/webfinger">http://groups.google.com/group/webfinger</a></a> until people complain.</div>
<div> </div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex;"><div bgcolor="#FFFFFF"><div><div></div><div class="h5"><div><br>On Nov 13, 2009, at 11:15 AM, Brian Kissel <<a href="mailto:bkissel@janrain.com" target="_blank"><a href="mailto:bkissel@janrain.com">bkissel@janrain.com</a></a>> wrote:<br>
<br></div><div></div><blockquote type="cite"><div>
<div>
<p class="MsoNormal"><span style="font-size:11.0pt;color:#1F497D">+1, well said John.<span> </span>We absolutely do want a diversity of opinion
and constructive dialog, passionate even ;-) But also respectful and
inclusive.<span> </span>As John says, if this becomes
a flaming feast, we may discourage others who have unique perspectives from
sharing their questions, thoughts, and suggestions which would do us all a disservice.</span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;color:#1F497D"> </span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;color:navy">Cheers,</span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;color:navy"><br>
Brian</span></p>
<p class="MsoNormal"><b><span style="font-size:11.0pt;color:navy">___________</span></b><span style="font-size:11.0pt;color:navy"></span></p>
<p class="MsoNormal"><b><span style="font-size:11.0pt;color:#1F497D"> </span></b></p>
<p class="MsoNormal"><b><span style="font-size:11.0pt;color:navy"><a href="http://www.linkedin.com/pub/0/10/254" target="_blank">Brian
Kissel</a></span></b><span style="font-size:11.0pt;color:#1F497D"></span></p>
<p class="MsoNormal"><b><span style="font-size:11.0pt;color:navy">CEO, JanRain - </span></b><b><i><span style="font-size:11.0pt;color:#333399">OpenID-enable your websites, customers, partners, and
employees</span></i></b><span style="font-size:11.0pt;color:navy"></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;color:navy">5331 SW Macadam Ave., Suite 375, Portland, OR
97239</span></p>
<p class="MsoNormal"><b><span style="font-size:11.0pt;color:navy">Email</span></b><span style="font-size:11.0pt;color:navy">: <a href="mailto:bkissel@janrain.com" target="_blank"><span style="color:navy">bkissel@janrain.com</span></a>
<b>Cell</b>: 503.866.4424 <b>Fax</b>: 503.296.5502</span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;color:#1F497D"> </span></p>
<div style="border:none;border-top:solid #B5C4DF 1.0pt;padding:3.0pt 0in 0in 0in">
<p class="MsoNormal"><b><span style="font-size:10.0pt">From:</span></b><span style="font-size:10.0pt"> <a href="mailto:openid-general-bounces@lists.openid.net" target="_blank"><a href="mailto:openid-general-bounces@lists.openid.net">openid-general-bounces@lists.openid.net</a></a>
[mailto:<a href="mailto:openid-general-bounces@lists.openid.net" target="_blank"><a href="mailto:openid-general-bounces@lists.openid.net">openid-general-bounces@lists.openid.net</a></a>] <b>On Behalf Of </b>John
Panzer<br>
<b>Sent:</b> Friday, November 13, 2009 10:44 AM<br>
<b>To:</b> Peter Williams<br>
<b>Cc:</b> <a href="mailto:openid-general@lists.openid.net" target="_blank"></a><a href="mailto:openid-general@lists.openid.net" target="_blank"><a href="mailto:openid-general@lists.openid.net">openid-general@lists.openid.net</a></a><br>
<b>Subject:</b> Re: [OpenID] [xri-comment] My Feedback for XRD Vrsion 1.0</span></p>
</div>
<p class="MsoNormal"> </p>
<p class="MsoNormal">On Thu, Nov 12, 2009 at 10:14 PM, SitG Admin <<a href="mailto:sysadmin@shadowsinthegarden.com" target="_blank"></a><a href="mailto:sysadmin@shadowsinthegarden.com" target="_blank"><a href="mailto:sysadmin@shadowsinthegarden.com">sysadmin@shadowsinthegarden.com</a></a>>
wrote:</p>
<div>
<blockquote style="border:none;border-left:solid #CCCCCC 1.0pt;padding:0in 0in 0in 6.0pt;margin-left:4.8pt;margin-right:0in">
<div>
<blockquote style="border:none;border-left:solid #CCCCCC 1.0pt;padding:0in 0in 0in 6.0pt;margin-left:4.8pt;margin-right:0in">
<p class="MsoNormal">Maybe the OpenID board should consider enforcing some basic
rules of civility and professionalism on this list.</p>
</blockquote>
<p class="MsoNormal"> </p>
</div>
<p class="MsoNormal">As much as I value civility, I disapprove of the
authoritarian approach to moderation. -1; community-enforced rules are more in
keeping with UCI principles, too.</p>
</blockquote>
<div>
<p class="MsoNormal"> </p>
</div>
<div>
<p class="MsoNormal">In the spirit of community enforced rules, I'd like to say
that we should have, and I believe we do have, community norms against ad
hominem attacks and slurs. I am seeing more and more discussion that
involves these insults lately. My style is to be very thick skinned, try
to provide a polite example, and allow for the possibility that the person
means well but perhaps isn't writing in their first language, or doesn't know
how to take the extra precautions needed in an text-only form of communication
to avoid the appearance of rudeness. This does not mean that I like the
tone of the conversation.</p>
</div>
<div>
<p class="MsoNormal"> </p>
</div>
<div>
<p class="MsoNormal">Unfortunately, not addressing the tone has a bad effect of
keeping others observing the conversation from joining in; nobody wants to
spend extra time on this or being attacked. It's a chilling effect that
we don't want to have. I want to welcome all who wish to contribute to
the conversation, and do not want them to fear being personally attacked by
doing so.</p>
</div>
<div>
<p class="MsoNormal"> </p>
</div>
<div>
<p class="MsoNormal">Peter, I have to say I'm not quite sure what you were saying
above in your last response to Santosh. Some parts of it seemed quite
rude to me though and I understand why Eran would react the way he did.
Please take this as friendly feedback.</p>
</div>
<div>
<p class="MsoNormal"> </p>
</div>
<div>
<p class="MsoNormal">I hope that we can take this as a warning, be more careful
and considerate in communication, and keep it polite while still having a good
and spirited technical discussion.</p>
</div>
<div>
<p class="MsoNormal"> </p>
</div>
<div>
<p class="MsoNormal">-John</p>
</div>
<div>
<p class="MsoNormal"> </p>
</div>
</div>
<p class="MsoNormal"> </p>
<p>__________ Information from ESET NOD32 Antivirus, version of virus signature
database 4604 (20091113) __________</p>
<p class="MsoNormal"> </p>
<p>The message was checked by ESET NOD32 Antivirus.</p>
<p class="MsoNormal"> </p>
<p><a href="http://www.eset.com" target="_blank"><a href="http://www.eset.com">http://www.eset.com</a></a></p>
</div>
</div></blockquote></div></div></div></blockquote></div><br>
</div></blockquote></body></html>