<html>
<head>
<meta content="text/html; charset=windows-1252"
http-equiv="Content-Type">
</head>
<body bgcolor="#FFFFFF" text="#000000">
<div class="moz-cite-prefix">The Facebook user having her pip
private internet portal where credentials are stored and just
chooses her profile to enter<br>
her favorite virtual world does not know protocols and peter and
david.<br>
cheers, Roland<br>
<br>
<br>
On 31-7-2012 22:16, Peter Williams wrote:<br>
</div>
<blockquote cite="mid:SNT143-W55AD9CF1B1FEC107CD660F92C50@phx.gbl"
type="cite">
<style><!--
.hmmessage P
{
margin:0px;
padding:0px
}
body.hmmessage
{
font-size: 10pt;
font-family:Tahoma
}
--></style>
<div dir="ltr">
I know many thousands read you newsletters. And, there you lead
opinion. Thats your job.<br>
<br>
But what is the opinion - that some bit of technology got old?
Wow. This only happens about once every 18 months, down from
every 24 months. Thats about how long software technology
initiatives last. But, some do strike a chord - and last longer.
What are they, in this area? Or is the latest thing just
"another" fad?<br>
<br>
I was at a conference recently, less than a month ago, that
featured a number of opinion makers. Some USED to be SAML
opinion makers (but now no longer are). In fact, some were about
as high-ego about SAML as others now are about not-SAML. But who
cares? We have a bunch of engineering types riding this years
wave vs last year's wave - wave's that typically only lasts 2-5
years if the technology gets off the ground, at all. <br>
<br>
Being slow, and ponderous, and given my space has years and
years of legacy attitudes to contend with just as the US Navy
has to design today considering those ships that were fitted out
20 years ago, it doesnt help me sell to my folks the latest wave
if the wave that was (last year's wave, ot the wave from 5-10
years ago in my space seeing as we are slow) is now dissed
before half of them even adopted the old stuff ago. Folks just
wait on hearing the very "tone", assuming the latest fad is just
as bad the fad that got dissed.<br>
<br>
SAML is a part of the US national infrastucture strategy for id
- a multi-community political consensus built on a rationale
that looks 5 years back and 5 years forward, at the same time.
If Openid community is in a (marketing) war over mindshare, it
missing the strategy and is renaging on its part in that
political agreement - by failing to act in a mature way. Once
standards move from vendors agitating for mindshare at
conferences to a world of participating in national and
international planning, folks have to transcend the somewhat any
an all childish pettiness (my standard is better than yours, so
there).<br>
<br>
What I want to hear from David Kearns is what it is that OAUTH
and later era designs have, that SAML did not have, and what it
was in the the world that changed on SAML (showing up how its
assumptions tied it to a world that did not sustain). With that,
I will know the differences due to the excellence in innovation
or understanding. I think I know the why it was, but I want
education - not tied to a vendor with an angle. I dont want to
exchange a standard notating bits with another standard notating
bits in a different order. WIth that I will know how to better
evaulate this years bunch of vendors doing marketing of this or
that mindshare message. I know how to stay focussed on a
national strategy. I have a way to stay above vendor bickering,
or standards groups bickering.<br>
<br>
> Date: Tue, 31 Jul 2012 15:42:10 -0400<br>
> From: <a class="moz-txt-link-abbreviated" href="mailto:dkearns@gmail.com">dkearns@gmail.com</a><br>
> To: <a class="moz-txt-link-abbreviated" href="mailto:openid-general@lists.openid.net">openid-general@lists.openid.net</a><br>
> Subject: Re: [OpenID] The death (and life) of a protocol<br>
> <br>
> Peter, Peter, Peter, you ignorant slut (to paraphrase Dan
Akroyd) -<br>
> <br>
> No one pays a penny to read my newsletters, but many
thousands do read <br>
> them (perhaps because they don't have to pay - who knows?)<br>
> <br>
> It's an opinion piece exactly because that's what the
newsletters <br>
> promise to my readers - my opinion. And the event was last
month, not <br>
> last year (did you read the newsletter?)<br>
> <br>
> Judging from the twitter stream and the comments on this
newsletter, <br>
> it's hard to take it as "the pulse of some community". More
like <br>
> swimming against the tide.<br>
> <br>
> What, exactly, was it I was supposed to tell you a year
ago?<br>
> <br>
> -dave<br>
> <br>
> On 7/31/2012 3:06 PM, Peter Williams wrote:<br>
> > I didnt like tone of the Kearns et al brigade, off
selling <br>
> > subscriptions to a newsletter full of opinion pieces.
It reminds me of <br>
> > a journalist who does nothing but take pulses of some
community to <br>
> > which he is invited, and writes about them in a leader
piece. If that <br>
> > community is swinging one way, the journalist opines
how great it is. <br>
> > If it swings the other, the same journalist says how
awful it is. <br>
> > There was nothing the journlist was adding (other than
reporting is <br>
> > attempting to swing some opinion). It reminds me of
the 1996 era when <br>
> > we used to give journalists (or their editors) stock
options, to place <br>
> > stories about how wonderful were digital ids.<br>
> ><br>
> > I can sell you an opinion for 5c, too. And thats all
its worth. In <br>
> > fact, mine are free (being worthless).<br>
> ><br>
> > So when someone descends into the "SAML is dead" line
of journalism, <br>
> > save your 5c and spend it elsewhere. Save up a dollar,
and find a <br>
> > better source of information that is not selling you
the time on the <br>
> > wall clock in front of everyone.<br>
> ><br>
> > Recently, in our world we were able to understand
OAUTH 2.0 (and <br>
> > thanks to Microsoft for getting the articulation of
the business <br>
> > rationale down pat, and Google-land for forcing
security for web APIs <br>
> > to be distinct from security for enterprise-3-tier
APIs.). Its a shame <br>
> > that certain journalists who were in a position to
educate (a year+ <br>
> > ago) didnt do so, merely writing pat story lines for
impact. <br>
> > Presumably, another conference invite is at stake, on
the high-ego, <br>
> > never ending conference circuit (of faux-opinion
makers largely <br>
> > talking to each other about what someone else is
doing).<br>
> ><br>
> > There may be a market for second and third hand
information, about <br>
> > last years events. And, Ive no objection to someone
making a profit. <br>
> > But, openid might want to stay in the forground and on
the leading <br>
> > edge, and stay away from talking about last year's
events.<br>
> ><br>
> > Now I should end nicely, with praise. Kearns can
write, beautifully. I <br>
> > just find he has nothing to say on the topics that
matter, today.<br>
> ><br>
> > > From: <a class="moz-txt-link-abbreviated" href="mailto:sakimura@gmail.com">sakimura@gmail.com</a><br>
> > > Date: Tue, 31 Jul 2012 10:24:45 -0700<br>
> > > To: <a class="moz-txt-link-abbreviated" href="mailto:board@lists.openid.net">board@lists.openid.net</a>;
<a class="moz-txt-link-abbreviated" href="mailto:openid-general@lists.openid.net">openid-general@lists.openid.net</a><br>
> > > Subject: [OpenID] The death (and life) of a
protocol<br>
> > ><br>
> > > An excellent article by Dave Kearns.<br>
> > ><br>
> > > <br>
> >
<a class="moz-txt-link-freetext" href="http://blogs.kuppingercole.com/kearns/2012/07/31/the-death-and-life-of-a-protocol/">http://blogs.kuppingercole.com/kearns/2012/07/31/the-death-and-life-of-a-protocol/</a><br>
> > ><br>
> > > But the needs of the enterprise are also
important, and the improved<br>
> > > versions of these protocols – OpenID Connect and
Oauth 2.0 – are the<br>
> > > future.<br>
> > ><br>
> > > SAML was king, at least in the opening decade of
the 21st century, but<br>
> > > the king is dead. Long live the king!<br>
> > ><br>
> > > Nat Sakimura<br>
> > > _______________________________________________<br>
> > > general mailing list<br>
> > > <a class="moz-txt-link-abbreviated" href="mailto:general@lists.openid.net">general@lists.openid.net</a><br>
> > >
<a class="moz-txt-link-freetext" href="http://lists.openid.net/mailman/listinfo/openid-general">http://lists.openid.net/mailman/listinfo/openid-general</a><br>
> ><br>
> ><br>
> > _______________________________________________<br>
> > general mailing list<br>
> > <a class="moz-txt-link-abbreviated" href="mailto:general@lists.openid.net">general@lists.openid.net</a><br>
> >
<a class="moz-txt-link-freetext" href="http://lists.openid.net/mailman/listinfo/openid-general">http://lists.openid.net/mailman/listinfo/openid-general</a><br>
> <br>
> _______________________________________________<br>
> general mailing list<br>
> <a class="moz-txt-link-abbreviated" href="mailto:general@lists.openid.net">general@lists.openid.net</a><br>
> <a class="moz-txt-link-freetext" href="http://lists.openid.net/mailman/listinfo/openid-general">http://lists.openid.net/mailman/listinfo/openid-general</a><br>
<br>
</div>
<br>
<fieldset class="mimeAttachmentHeader"></fieldset>
<br>
<pre wrap="">_______________________________________________
general mailing list
<a class="moz-txt-link-abbreviated" href="mailto:general@lists.openid.net">general@lists.openid.net</a>
<a class="moz-txt-link-freetext" href="http://lists.openid.net/mailman/listinfo/openid-general">http://lists.openid.net/mailman/listinfo/openid-general</a>
</pre>
<br>
<fieldset class="mimeAttachmentHeader"></fieldset>
<br>
<p class="" avgcert""="" color="#000000" align="left">No virus
found in this message.<br>
Checked by AVG - <a moz-do-not-send="true"
href="http://www.avg.com">www.avg.com</a><br>
Version: 2012.0.2197 / Virus Database: 2437/5167 - Release Date:
07/31/12</p>
</blockquote>
<br>
</body>
</html>