[Marketing] OpenID Connect

Chris Messina chris.messina at gmail.com
Tue Jan 5 22:26:24 UTC 2010 

Well, with Portable Contacts (the address schema) and Attribute Exchange
made available over an OpenID... wait for it... connection, I think there's
a lot of promise for OpenID in payment scenarios.

For one thing, there's the social aspect, which for some people, could be
very compelling.

I wrote something up about this a while back, might be worth a read:

http://factoryjoe.com/blog/2009/04/30/comixology-and-the-future-of-connected-commerce/

I think OpenID for commerce is a little off-topic for this thread, but the
points you raise continue to illustrate the need to productize these
technologies beyond their techie roots — so that the benefits we see as
implicit are made explicit for larger audiences!

Chris

On Tue, Jan 5, 2010 at 11:57 AM, Miles Carroll <
miles at chocolateconsulting.co.uk> wrote:

> Hi
>
> As a commercial person, I have been looking at OpenID for 18 months, trying
> to figure out a way to extract commercial value from this great tech. So I
> agree the product side needs work.
>
> I am trying to figure out how to use OpenID in cardholder not present card
> (CNP) transactions. Only about 25% of card transactions are 3D secure and
> the rest rely on the Address Verification Service (AVS) the challenge being
> that 90% of the address data is free typed into the shopping carts, so the
> formatting fails AVS. If we could normalise the address format and get some
> data quality over the Open ID we could use the data to power safer payments.
> My business processes around 200M card transactions a year.
>
> Any ideas from a tech and product perspective how to join it up?
>
> Regards
>
> Miles Carroll
> Managing Director
> Universal Payment Gateway plc
>
> +44 (0)1827 265005. Switchboard
> +44 (0)1827 265006. Fax
> www.upg.co.uk
>
> Sent by iPhone
>
>
> On 5 Jan 2010, at 07:35, David Recordon <recordond at gmail.com> wrote:
>
> +1, we need to make this a reality this year.
>
> On Mon, Jan 4, 2010 at 10:13 PM, Chris Messina < <chris.messina at gmail.com>
> chris.messina at gmail.com> wrote:
>
>> Indeed, and thanks for both of your comments.
>>
>> I think David needs to flesh out how exactly he might rewrite OpenID on
>> top of OAuth WRAP, or OAuth 2.0, or OpenID v.Next... whatever we call it, I
>> think that the next generation of a "product" that our community produces
>> needs to have some level of parity with other *connect-style APIs, which
>> David previously outlined [1] as including:
>>
>> * profile
>> * relationships
>> * content
>> * activities
>>
>> If the OpenID community fails to provide a meaningful and clear way to
>> exchange these kinds of data — in a way that is as simple and compelling to
>> implement as Facebook or Twitter Connect, I think we're going to have a very
>> hard time getting our collective mojo back. That said, I have high
>> confidence that we will meet that need.
>>
>> I also want to point out that I purposefully sent this message to the
>> marketing list, since OpenID Connect is something dreamed up as a
>> productization of the "open stack" — which is really more like "Hailstorm" —
>> an internal token for us to refer to a quasi-official collection of
>> technologies known to [hand wavingly] work well together.
>>
>> While the bits have to add up here, that's not entirely what I'm aiming
>> OIC at (see what I did there?). Instead, OpenID Connect is the name for a
>> marketing vehicle that will enable us to take the existing OpenID brand and
>> extend it to cover things that site creators and developers care about —
>> going beyond just identity, and into the good stuff that make people want to
>> build apps.
>>
>> I also think that, from a community maturation process perspective, OpenID
>> and OAuth have come to a point where they need to become more closely
>> aligned — and Dave's retelling of "identity as just another attribute" helps
>> me finally get it.
>>
>> Over time, we will evolve what OpenID and what OpenID Connect mean, and
>> find a place for OAuth and OAuth WRAP within the scheme of things. For now,
>> and for us, in 2010, the wider marketplace needs a product that it can wrap
>> its head around, and I think OpenID Connect makes as good as sense as
>> anything else I've heard. ;)
>>
>> Chris
>>
>>
>> On Mon, Jan 4, 2010 at 7:12 PM, David Recordon < <recordond at gmail.com>
>> recordond at gmail.com> wrote:
>>
>>> Hey Dick,
>>> I could see a path where OpenID bolts discovery onto the front of OAuth
>>> WRAP and then OpenID itself becomes a common set of parameters exchanged
>>> within the user authorization flow of WRAP.  A consumer could also get a
>>> WRAP access token in addition to identity information (you're the one who
>>> told me a few years ago that an identifier is just another attribute and not
>>> something special).  If it's happening over SSL, a lot of the key exchange
>>> stuff goes away.  Already today OpenID uses a plain text association when
>>> being run over SSL.
>>>
>>> --David
>>>
>>>
>>> On Mon, Jan 4, 2010 at 7:07 PM, Dick Hardt < <dick.hardt at gmail.com>
>>> dick.hardt at gmail.com> wrote:
>>>
>>>> Good article Chris, I commented on your blog, but bringing the
>>>> discussion here ..
>>>>
>>>> I agree that OpenID needs some serious product management. I like the
>>>> OpenID Connect label -> much better then the Open Stack.
>>>>
>>>> Technically, speaking as an author of OAuth WRAP, making OpenID an OAuth
>>>> WRAP Profile does not make sense. I do think that an OpenID v Next would be
>>>> very complementary to OAuth WRAP.
>>>>
>>>> One of the problems OpenID solves that WRAP does not is discovery and
>>>> key exchange. I would say that is most of the what OpenID does.
>>>>
>>>> Great to see the discussion pick up, it is going to be a very
>>>> interesting year!
>>>>
>>>> On 2010-01-04, at 4:05 PM, Chris Messina wrote:
>>>>
>>>> Just wrote a post outlining my thoughts outlining a concept I called
>>>> "OpenID Connect":
>>>>
>>>> <http://factoryjoe.com/blog/2010/01/04/openid-connect/>
>>>> http://factoryjoe.com/blog/2010/01/04/openid-connect/
>>>>
>>>> Interested in thoughts and feedback, and happy to expand the idea
>>>> further.
>>>>
>>>> Chris
>>>>
>>>> --
>>>> Chris Messina
>>>> Open Web Advocate
>>>>
>>>> Personal: <http://factoryjoe.com/>http://factoryjoe.com
>>>> Follow me on Twitter: <http://twitter.com/chrismessina>
>>>> http://twitter.com/chrismessina
>>>>
>>>> Citizen Agency: <http://citizenagency.com/>http://citizenagency.com
>>>> Diso Project: <http://diso-project.org/>http://diso-project.org
>>>> OpenID Foundation: <http://openid.net/>http://openid.net
>>>>
>>>> This email is:   [X] shareable    [ ] ask first   [ ] private
>>>>  _______________________________________________
>>>> marketing mailing list
>>>> <marketing at lists.openid.net>marketing at lists.openid.net
>>>> <http://lists.openid.net/mailman/listinfo/openid-marketing>
>>>> http://lists.openid.net/mailman/listinfo/openid-marketing
>>>>
>>>>
>>>>
>>>> _______________________________________________
>>>> marketing mailing list
>>>>  <marketing at lists.openid.net>marketing at lists.openid.net
>>>>  <http://lists.openid.net/mailman/listinfo/openid-marketing>
>>>> http://lists.openid.net/mailman/listinfo/openid-marketing
>>>>
>>>>
>>>
>>> _______________________________________________
>>> marketing mailing list
>>>  <marketing at lists.openid.net>marketing at lists.openid.net
>>>  <http://lists.openid.net/mailman/listinfo/openid-marketing>
>>> http://lists.openid.net/mailman/listinfo/openid-marketing
>>>
>>>
>>
>>
>> --
>> Chris Messina
>> Open Web Advocate
>>
>> Personal: <http://factoryjoe.com>http://factoryjoe.com
>> Follow me on Twitter: <http://twitter.com/chrismessina>
>> http://twitter.com/chrismessina
>>
>> Citizen Agency: <http://citizenagency.com>http://citizenagency.com
>> Diso Project: <http://diso-project.org>http://diso-project.org
>> OpenID Foundation: <http://openid.net>http://openid.net
>>
>> This email is:   [ ] shareable    [X] ask first   [ ] private
>>
>> _______________________________________________
>> marketing mailing list
>>  <marketing at lists.openid.net>marketing at lists.openid.net
>>  <http://lists.openid.net/mailman/listinfo/openid-marketing>
>> http://lists.openid.net/mailman/listinfo/openid-marketing
>>
>>
> _______________________________________________
> marketing mailing list
> marketing at lists.openid.net
> http://lists.openid.net/mailman/listinfo/openid-marketing
>
>
> _______________________________________________
> marketing mailing list
> marketing at lists.openid.net
> http://lists.openid.net/mailman/listinfo/openid-marketing
>
>


-- 
Chris Messina
Open Web Advocate

Personal: http://factoryjoe.com
Follow me on Twitter: http://twitter.com/chrismessina

Citizen Agency: http://citizenagency.com
Diso Project: http://diso-project.org
OpenID Foundation: http://openid.net

This email is:   [ ] shareable    [X] ask first   [ ] private
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-marketing/attachments/20100105/6f6027b6/attachment.html>

More information about the marketing mailing list