It’s Day Two of the Internet Identity Workshop. There’s a lot of important work being done, work that will have deep impact on our Internet experience. So I thought someone should capture some images for posterity. I love that the event is taking place at the Computer History Museum. We also shot an episode of The Social Web TV here this morning, which should go live tomorrow morning.
Here are my photos from Day Two:
It’s Day One of the Internet Identity Workshop, a semi-annual gathering of the thought leaders in the online identity space. This grass-roots event, which has been around for three years, now finds itself at the center of a space that is really heating up, with big mainstream Internet players like Google, Yahoo, Microsoft, MySpace, and Facebook, all racing to outdo each other as identity providers.
Among the talks:
David Recordon (of SixApart, the OpenID Foundation, and the Open Web Foundation) had a great talk on OpenID and the great progress being made, with mainstream adoption in the U.S. and Japan, in particular. Not surprisingly, there will be lots of sessions on OpenID over the next three days, talking about a variety proposed extensions. Given all the recent announcements (Yahoo, Google, Microsoft, and MySpace), this is really OpenID’s time to shine. I took a few photos to capture the moment.
Photos from David Recordon’s talk:
Interesting talks on SAML and Information Cards, two topics I don’t know very much about. SAML is more on the enterprise side of identity. Information Cards seeks to span both the enterprise and consumer Internet space. Information Cards has a focus on verifiable claims, like “Joe Smith is over 21”.
Oh, and I snapped a fun shot of MySpace’s MAx Engel, who was at the back of the room, getting his laptop juiced, and working with totally casual posture. Max is doing great stuff to bring the Open Stack to life at MySpace.
Joseph Smarr of Plaxo just gave another great talk, this one on the “Open Stack” and how it is greater than the sum of its parts. The PowerPoint can be downloaded
here. Joseph demoed the combo of OpenID, OAuth, Portable Contacts, and XRDS-Simple. And he shared screenshots of a Portable Contacts app for Android. Way cool!
Here are some photos of his talk.
I had a bad feeling last night about how the U.S. Presidential election would go. In particular, I feared and predicted that our system would buckle under the weight of an historic turnout, and that we would spend tonight (and maybe the coming days) dealing with a situation that might remind us of Florida in 2000. I am so pleased to admit that I was wrong. Whether you are an Obama supporter or a McCain supporter, please join me in celebrating a triumph of democracy in action. Well, done, U.S.A!
And, by the way, what an historic moment in American history. My great hope is that this will prove a watershed moment in the often tortured history of race in America. Forget for a moment the two political parties in this country. Forget conservative and liberal. Drink in this moment as symbolic of what makes the United States of America so special: a government of the people, by the people, and for the people.
And now Max Engel, product manager for MySpace Data Availability, is up.
What makes me, me? What I say about me. What others say about me (or reputation). What I do (or my activity). Who I know (or my social graph). What I create. The content I generate and share. Where I can go (my ability to authenticate). How do I allow my identity to travel with me?
The Old World: the walled garden. The New World: Data Availability. An enabler for connecting with all of the web. The social social network.
What is the goal? Make life simpler (for developers and users).
Max is showing Joseph’s “most building on the open stack” slide!
Why this matters to you: The walls are crumbing and the networks are growing through the roof. [This point illustrated by an image of an old stone castle overtaken by lush vegetation. Sweet!] The open stack lowers the barrier to entry for user acquisition on your site. Retention: you become both complementary and indispendable. Traffic: make your site and service a fulcrum. (Example Twitter.) Monetization: gain valuable insights into your user base by allowing them to easily plug in. Why this matters? Identity becomes an open stream that you can dip into.
What is available now? We provide APIs to get to content (photos, for example)…; authentication via OAuth; dynamic profiles (changes reflected everywhere).
More granular on profile access. Portable profile: age, current location, date of birth, gender, nickname, thumbnail url, etc. Cacheable: About me, body type, books, children, drinker, enthnicity, has app, heroes, ID, interests, job, looking for, movies, music, name, network…
Sowing example of Picnik.com. We can let users edit their photos where they want to and have it flow back to my profile.
Supporting OpenSocial 0.8.1 REST Support, which means MySpace is already supporting Portable Contacts. Sweet!
Why OpenID at MySpace? “Our user identify with their ‘vanity URLs’.” Over 90% of our active users have vanity URLs. We have almost 30 million users who are both OpenSocial app users and have a vanity URLs. These folks are primed to use their MySpace URL as their OpenID. Coming soon!
“We are embracing the OpenID standard for single sign-on for the web.” And combining it with OAuth to enable true data availability across the web.
“We believe strongly in working with the community to ensure compatibility with open standards.”
[My thoughts: Wow! MySpace is absolutely committed to the new “Open Stack.” Some have thought the big players might just be paying lip service to opening up, but MySpace is for real. If you have not been paying attention to MySpace Data Availability, clearly now is the time to do so.]
I’m up in San Francisco for the Widget Summit, live-blogging a talk by Plaxo’s Joseph Smarr, entitled “The Widgets Shall Inherit the Web.” You can download the Powerpoint here. (Joseph will also upload to SlideShare later.) Talk is starting now..
“There’s a fundamental transition going on, as fundamental as the birth of the Web. The Web is going social, and the Social Web is going open.”
Widget authors: you’re ahead of your time! Widgets thrive in an environment with users, data, social graph, and activity. But, widget have had to live where the data is, inside existing social networks. But soon, the data will come to you, thanks to the “Open Stack”. Widgets are about to be turbocharged “by several orders of magnitude”
Lots of social sites.
Lots of open “building blocks” (OpenID, OpenSocial, OAuth…)
How do the pieces fit together? And what will the Social Web look like?
The social web is broken today. On each site, we have to do the same dance. Create account, enter profile data, upload photo, etc. Currently, social apps have limited options.
New building blocks establish who I am, who I know, and what’s going on
Who I am. Create a portable, durable online identity. Key technology: OpenID. Key standard gaining real traction and momentum. Showing the Plaxo sign-up page with support for OpenID, including special support for Yahoo OpenID and Google OpenID. Showing JanRain’s MyOpenID with pre-fill of info during onboarding. Faster registration, fewer lost passwords. Good for Plaxo, good for user, and good for Identity Provider. Joseph listing off the major providers: Yahoo, Microsoft, Google, AOL, and (soon) MySpace. “Now is the time to get on board.” “Registration flows historically have high dropoff rates.
Joseph now talking about rel=me (XFN) microformat…
Showing “me on the web,” the trace of publicly-asserted linkages between his blog, and his profile on lots of different services, traced via Google’s social graph API. Showing how is Plaxo you can use that data to lower the friction for letting a user declare the sites they use so they can easily set up feeds. And the loop continues; Plaxo public profile pages can include “you on the web” and it’s marked up in microformats, consumable on other websites.
Now showing the same stuff for a personal blog. Example is David Recordon of SixApart.
Who I know
Tap into the real relationships via Contact APIs from existing address books, typically webmail. Scraping has been the norm, but clearly not good from a security standpoint. Now there are real Contacts APIs from Yahoo, Microsoft, and Google, and that’s great.
Of course, that data is not public, so you need a way to grant access to it securely, which brings us to OAuth. “How do I let users grant access to their data without giving up their passwords to third-parties?” Each of the big players created their own unique, proprietary auth technology, which led to a lot of developer pain. So the big players are now shifting over to OAuth, an open spec approach to the problem. But one-time import is not as good as continuous discovery, which brings us to the concept of friends-list portability.
Showing nice integration between Flickr and Google. “If you haven’t done it, check out import on Flickr. You’ll be surprised.” Now on to Dopplr.
What’s going on
The last piece is the rich context of what the people you know are doing online. Now to OpenSocial, that let’s you build social apps that can run (almost) anywhere. Showing the original integration on Plaxo. “What’s really cool is the sharing of the activity stream into the feed.” “OpenSocial has gone mainstream, big time.” Showing graph of number of users (reaching to something like 500 million, I think.)
Now RSS/Atom. “Syndicate your activity”. Giving example of recent Netflix API which has Atom feeds of Netflix ratings, protected behind OAuth, which Joseph integrated in Plaxo. Now Jabber/XMPP for “real-time update stream between sites”. Example: Twitter integration in Plaxo.
“If you’re a big site, folks might do a custom integration, but if you’re a small site, be on the lookout for open standards that you can draft off of.”
Now, to pull it all together.
The user is at the center. Then all around, socially-aware sites of the Web. In the middle? A new services layer, with Identity Providers; Social Graph Providers; and Content Aggregators. (My editorial add: Some companies may focus on one or two of the layers, but the brass ring is the triple play.) Joseph now saying his version of that, and pointing out what Facebook, Yahoo, and others are up.
Now, a day in the life of the Social Web
Using me as an example, checking out a microbrew enthusiast site. I use my OpenID to onboard. I write a review, and it flows to my aggregator of choice. Joseph discovers it and joins the site to. All part of a “virtuous cycle.” This is just like the virtuous cycle that gave birth to the Web. More sites lead to more people downloading a browser, which leads to more people making websites. Repeat. It’s the same now, but to make it happen, the data must be able to flow. “Open” is the breakthrough.
Returning to “Who I know”…
“Something I glossed over.” How does friends-list portability actually work? Discovery via XRDS-Simple.
As with auth, all the big guys came up with their own Contacts APIs. Now, we’re moving to Portable Contacts. More info here.
“What’s cool is that we worked with the OpenSocial community to align Portable Contacts with the OpenSocial RESTful APIs, so you’ll get support for Portable Contacts for free from any site that is OpenSocial RESTful APIs.”
There’s now a clear vision, shared by Facebook Connect, MySpace Data Availability, Yahoo Y!OS, Google Friend Connect, and Plaxo Pulse: Identity Providers; Social Graph Providers; Content Aggregators.
“What’s even cooler? Almost everyone is building on the new Open Stack. And it’s not hard to imagine Facebook joining this movement, too.”
On the eve of the U.S. Presidential election, please allow me to diverge from my regular focus on opening up the Social Web in order to go on record with my prediction…
Most folks are now, based on polls, predicting a sizable win for Obama, with clarity of the outcome emerging early tomorrow evening, perhaps shortly after the polls close in Virginia.
I predict a *very* different outcome. If I am correct, avid followers of this election should prepare for a later night — and perhaps something more akin to the chaos, confusion, and limbo of the 2000 election. Why? I believe that the turnout will be so historic that the voting system will be severely tested. Polls will be swamped. Irregularities will occur (not out of malice, but out of inability to respond to the surge). I also happen to believe that the polls are overstating the gap between Obama and McCain, which is to say that I believe the *actual* margin of error in many of the polls is as large or larger than the projected gap.
In particular, look to Pennsylvania (my home state, but not current residence) and Ohio as this year’s Florida.
My prediction is not whether Obama or McCain will win. (I suspect it will be Obama, but by a narrower margin than most predict.) My prediction is that the outcome will not be clear early tomorrow evening, and that it may well come down to fancy footwork of lawyers, rather than a simple tally of votes.
By the way, I hope I am wrong, but couldn’t resist putting my thoughts down in public.
If you haven’t seen it yet, the latest episode of The Social Web TV is up, shot on location at Google, with special guest, Eric Sachs, talking about the big news of Google becoming an OpenID provider:
Great to see the episode got picked up by ReadWriteWeb!
What a week for OpenID and the opening up of the Social Web! Following Monday’s big announcement of Microsoft about to become an OpenID provider, today Google announced that it has actually become one (for real), with several sites are already live, accepting Google account credentials for signup and sign in, including Plaxo and Zoho. Google’s rollout is a very big deal for OpenID. Why?
Like many promising technologies, OpenID has long suffered from the “chicken and egg” problem. Why should any site wrestle with the complexities of becoming a “relying party” (a site that accepts OpenID) if very few mainstream users have an OpenID and know how to use it? And, conversely, if there are very few relying parties out there, why should a mainstream Internet player, such as Google or Microsoft, rush to become a Provider?
The lineup of current (or soon to launch) OpenID Providers now includes, Google, Yahoo, AOL, Microsoft, and MySpace. And we should be able to demonstrate in the coming weeks that second-generation implementations, like what Google is launching with today (and extending soon with Portable Contacts), actually reduce the friction for onboarding new users. The result should be a massive adoption wave for OpenID all over the web. If your competitor’s OpenID-based onboarding of new users has a much smaller dropoff rate than yours, you will find yourself wanting to come up to speed quickly on how to become a relying party, too.
One of the coolest things in the official blogpost for the announcement is what is coming down the pike:
Google is also working with the open source community on ways to combine the OAuth and OpenID protocol so a website can not only request the user’s identity and e-mail address, but can at the same time request access to information available via OAuth-enabled APIs such as Google Data APIs as well as standard data formats such as Portable Contacts and OpenSocial REST APIs. In the future, this should allow a website to immediately provide a much more streamlined, personalized and socially relevant experience for users when they log in to trusted websites.
This combined “Open Stack” approach will fix so much of what is currently broken.
Today, every time you go to use a new website, you have to give the site your email address and choose a password; you have to upload a photo and fill out the same profile info you’ve done dozens of times before; and, you’ll probably be encouraged to import your address book and invite your friends. The new Open Stack approach can take almost all of the friction out of that process. OpenID lets you signup with existing credentials. XRDS-simple lets the site discover where you keep your data. OAuth allows you to grant restricted access to just that data (without handing over the full keys to your account). And Portable Contacts standardizes how the site can pull in the people data that you want to share, including data from your profile, your friends list, and your address book. And that can all be done in a couple of clicks, with you in control.
These are exciting times, indeed. Congrats to the Google team!
As has become the standard for just about any “open” launch, Plaxo is among the first live, with Joseph Smarr coding away feverishly in the night. Here’s his post on the launch at the official Plaxo blog. Joseph is also quoted in the Google blogpost:
Joseph Smarr, Chief Platform Architect at Plaxo says, “It’s great to see Google become an Open ID provider in addition to supporting OAuth, which we already use. We are thrilled to be among the first sites to allow users to login with their Google Accounts. This is going to be great for users, Plaxo and the web.”
In a blogpost that just went live, Microsoft announced that they are ready to roll on the OpenID front, becoming a provider:
Beginning today, Windows Live™ ID is publicly committing to support the OpenID digital identity framework with the announcement of the public availability of a Community Technology Preview (CTP) of the Windows Live ID OpenID Provider. You will soon be able to use your Windows Live ID account to sign in to any OpenID Web site!
This is a Big Deal for opening up the Social Web. Microsoft is joining other large providers, including Yahoo and AOL. And more are on the way, based on who attended the OpenID UX Summit last week (and what they said and demoed there). Even the New York Times is talking about it.
If it hasn’t been clear yet, it should become clear soon that we will exit 2008 with OpenID having moved from “promising” to a vital part of the mainstream Internet experience.
Oh, and be sure to check out Dare Obasanjo’s post on the news, that includes a link to a screencast from Angus Logan. (Dare and Angus are both great “open” advocates within Microsoft.) Congrats, guys! Always great to see the open champions succeed in steering the strategies of the biggest of companies. Oh, and clearly props should go to Mike Jones, who was a key champion of OpenID at Microsoft, as I am reminded by Scott Kveton in the post over at ReadWriteWeb:
“It’s a big deal for OpenID because we’re seeing Microsoft ship code,” said Scott Kveton, chair of the OpenID Foundation. “This is Microsoft putting their money where their mouth is. And it’s due in no small part to Mike Jones, who has been working diligently to promote OpenID within Microsoft. I’m enormously excited to see this happening.
”
TechCrunch now has a piece up with additional coverage
The Real McCrea 