[Openid-specs-ab] Marketing OpenID: combatting negativity

Tom Jones thomasclinganjones at gmail.com
Tue Jan 29 20:40:32 UTC 2019 

FWIW i tried to address this by building a .NET library on core 1.1 for
relying parties. The big problem for me was the certification as the
existing .NET tooling did not support dynamic registration. When i tried to
load that solution library into the MSFT samples, they had changed to .net
core 2.0 and were not interested in a core 1.1 implementation. Now they are
on to .net core 3.0. Identity mgmt is in a state of flux and the w3c ccg is
not helping to stabilize the situation at all. While its hard to know how
the openID foundation can help, i would recommend considering a
certification test suite that did not depend on dynamic registration.

In the meantime, i am trying to build a openid self issued ID open source
solution compatible with the w3c ccg, to see if that can bring the two
together.

Peace ..tom


On Tue, Jan 29, 2019 at 12:18 PM Mike Jones via Openid-specs-ab <
openid-specs-ab at lists.openid.net> wrote:

> For what it’s worth, I thought the article
> https://developer.okta.com/blog/2019/01/23/nobody-cares-about-oauth-or-openid-connect
> was mostly positive for OAuth and OpenID Connect (once you get past the
> title).  Remember that unlike OpenID 2.0, we haven’t tried to make “OpenID
> Connect” a consumer brand.  In fact, when we present about OpenID Connect,
> we typically remind people that they’re probably using OpenID Connect, even
> though they may not know it.  For instance, Slide 4 of
> http://self-issued.info/presentations/OpenID_Connect_Introduction_23-Oct-18.pdf
> says:
>
> *You’re probably already using OpenID Connect!*
>
>    - If you have an Android phone or log in at AOL, Deutsche Telekom,
>    Google, Microsoft, NEC, NTT, Salesforce, Softbank, Symantec, Verizon, or
>    Yahoo! Japan, you’re already using OpenID Connect
>    - Many other sites and apps large and small also use OpenID Connect
>
>
>
> I thought that this part of the article was dead-on:
>
> The reason nobody cares about OAuth and OIDC is that OAuth and OIDC aren’t
> what developers are interested in. The only thing developers are
> *actually* interested in is what OAuth and OIDC help with, *authentication
> and authorization*.
>
>
>
> 99.99% of developers out there don’t know (or want to know) anything about
> OAuth, OIDC, or any other security specifications. All they want to do is
> find the simplest and most straightforward way to support user
> authentication and authorization in their application. They don’t care
> about standards, specifications, grant types, JWTs, or scopes and timeouts
> – all they want to do is log a user in and check to see what permissions
> they have.
>
>
>
> To be clear, Okta advertised their allegiance to OpenID Connect here (and
> in their OpenID Certifications <https://openid.net/certification/#OPs>):
>
> With the state of tooling right now, web developers are essentially
> *forced* to learn about OAuth and OIDC and are burdened with the need to
> understand how these standards work and how to (hopefully) apply them
> properly to their application. It isn’t a great system.
>
>
>
> This is one of the reasons why, here at Okta <https://developer.okta.com/>,
> even though our entire platform is built on top of OAuth and OIDC, we spend
> tons of time and effort trying to build abstractions (in the form of client
> libraries) to hide those complexities and make securing your web
> applications simpler.
>
>
>
> I also agree with the gist of this conclusion:
>
> While OAuth and OIDC are certainly useful and important, the reality of
> the situation today is that almost nobody cares about OAuth and OIDC.
> Developers don’t want more OAuth and OIDC libraries and documentation in
> their lives: they want less of it.
>
>
>
> The easier that we can all make it for developers to securely use OpenID
> Connect, the better everyone.  That’s always been the goal!
>
>
>
>                                                        -- Mike
>
>
>
> *From:* Openid-specs-ab <openid-specs-ab-bounces at lists.openid.net> *On
> Behalf Of *Nat Sakimura via Openid-specs-ab
> *Sent:* Monday, January 28, 2019 3:43 PM
> *To:* Artifact Binding/Connect Working Group <
> openid-specs-ab at lists.openid.net>
> *Cc:* Nat Sakimura <sakimura at gmail.com>; Mike Schwartz <mike at gluu.org>
> *Subject:* Re: [Openid-specs-ab] Marketing OpenID: combatting negativity
>
>
>
> Mike,
>
>
>
> +1 on running inter-linked blog and vlog posts.
>
>
>
> +1 also for positioning OpenID is fun and easy. The "easy" part is a bit
> an overstatement but it is clinically proven that if people were told that
> it is hard, they will absolutely stop learning.
>
>
>
> Nat
>
>
>
> On Sun, Jan 27, 2019 at 9:02 PM Mike Schwartz via Openid-specs-ab <
> openid-specs-ab at lists.openid.net> wrote:
>
>
> I think to go head-to-head with the negative OpenID press, we need to
> market a message something to the effect of:
>
> "Using OpenID is great fun, and it solves real problems for developers."
>
> You can't combat negativivity with a message of: "the detractors have a
> point".
>
> We have the brain trust in this community to get that message out. If
> everyone wrote one blog, and we all cross-promote on social media (i.e.
> more of what Nat is doing so brilliantly on Youtube...), I think we
> could make a dent in perceptions. Especially if we tap into the
> corporate marketing cabailities of our respective organizations.
>
> - Mike
>
>
> -----------
> Michael Schwartz
> Gluu
> Founder / CEO
> mike at gluu.org
> https://www.linkedin.com/in/nynymike/
> _______________________________________________
> Openid-specs-ab mailing list
> Openid-specs-ab at lists.openid.net
> http://lists.openid.net/mailman/listinfo/openid-specs-ab
>
>
>
>
> --
>
> Nat Sakimura (=nat)
>
> Chairman, OpenID Foundation
> http://nat.sakimura.org/
> @_nat_en
> _______________________________________________
> Openid-specs-ab mailing list
> Openid-specs-ab at lists.openid.net
> http://lists.openid.net/mailman/listinfo/openid-specs-ab
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-specs-ab/attachments/20190129/fbbb712c/attachment.html>

More information about the Openid-specs-ab mailing list