{"id":677,"date":"2007-02-07T10:15:24","date_gmt":"2007-02-07T18:15:24","guid":{"rendered":"\/?p=677"},"modified":"2007-02-07T10:15:24","modified_gmt":"2007-02-07T18:15:24","slug":"structuring-our-announcement","status":"publish","type":"post","link":"https:\/\/www.identityblog.com\/?p=677","title":{"rendered":"Structuring our announcement"},"content":{"rendered":"<p><a href=\"http:\/\/www.kaliyasblogs.net\/Iwoman\" class=\"broken_link\">Identity Woman Kaliya<\/a>, who is a key community figure and has&nbsp;played a pivotal role in&nbsp;bringing&nbsp;everyone together, posted <a href=\"http:\/\/www.kaliyasblogs.net\/Iwoman\/?p=541\" class=\"broken_link\">this<\/a> (and <a href=\"http:\/\/www.identitywoman.net\/?p=542\">this<\/a>) about yesterday&#39;s announcement:<\/p>\n<blockquote><p>This morning at RSA <a href=\"http:\/\/thomashawk.com\/2007\/02\/microsoft-to-support-openid-log-on.html\">Bill Gates and Craig Mundie announced MSFT support of OpenID2.0<\/a>. (<a href=\"http:\/\/netmesh.info\/jernst\/Digital_Identity\/gates-rsa-2007-keynote-notes.html\">Johannes has a good summary of the points they made too<\/a>) I wouldn\u00e2\u20ac\u2122t go so far to say that they got Married. But what exactly was announced? I spoke with David Recordon and Mike Jones after the announcement. (this picture is before the announcement).<\/p>\n<p>The <a href=\"http:\/\/www.openid.net\/\">OpenID<\/a> Relying parties will be able to request that the authentication be done in a Phising resistant way. Then the OpenID Provider will have it a way to assert that the authentication of the OpenID (a URL or XRI\/I-name) has been done in a Phishing resistant way. CardSpace will be available as a primary way of providing this kind of authentication (for users on Windows machines).<\/p>\n<p>This is a very exciting development as it expands the options available to users. Their are issues with Phishing in OpenID (<a href=\"\/?p=659\">as outlined here by Kim<\/a>) and addressing this hole is key to making it a viable protocol that is good for users.<\/p>\n<p><a href=\"\/?p=669\">Kim talks about is request<\/a> to the OpenID community in the blogosphere and in the meeting they had last week at JanRain (Scott blogged about that here).<\/p>\n<div style=\"margin-left: 30px\">My big ask was to add a way to request credentials based on phishing-resistant authentication\u00e2\u20ac\u00a6..[so that] the system is built to handle the dangers that would come with its own success.<\/div>\n<p>The one question I have about this collaboration announcement why <a href=\"http:\/\/www.cordance.net\/\" class=\"broken_link\">Cordance<\/a>, <a href=\"http:\/\/netmesh.info\/jernst\">NetMesh<\/a> and other companies who have made major contributions and have critical stakes in the OpenID community were not listed in the announcement. I know it was pulled together very quickly but I think the contributions of those two companies have been extensive and deserved mention (and yes! they do have \u00e2\u20ac\u02dccode\u00e2\u20ac\u2122).<\/p>\n<p>There was also no mention of like Brad Fitzpatrick the originator of the OpenID and his company <a href=\"http:\/\/www.livejournal.com\/\">LiveJournal<\/a> which is now a part of <a href=\"http:\/\/www.sixapart.com\/\">SixAppart<\/a>.<\/p><\/blockquote>\n<p>This is a good question.&nbsp; As I <a href=\"\/?p=672\">pointed out yesterday<\/a>, NetMesh was one of the orginators of OpenID.&nbsp; <a href=\"\/?p=661\">Drummon Reed<\/a> and Cordance have been big proponents too, and brought their i-names and XRI technology to the party.&nbsp; <a href=\"\/?p=671\">Brad<\/a>&nbsp;proposed the initial concept.&nbsp; There are lots of creative people and companies who are playing their part in all of this, and I consider most of them to friends.<\/p>\n<p>So since, as <a href=\"\/?p=676\">Gabe says<\/a>,&nbsp;everything about this announcement &#8211; and&nbsp;identity work in general &#8211;&nbsp;should be perfectly transparent, let me&nbsp;share&nbsp;what I was&nbsp;thinking&nbsp;while working on&nbsp;this.<\/p>\n<p>I&#39;ve been involved in big announcements a number of times, and they take months to pull off.&nbsp; Every PR department from every company has to get involved.&nbsp; Each has a constituency and message that it wants to be clear.&nbsp; Every time a change is made it has to go everyone else for approval, often provoking a further change, and so it just takes time.&nbsp; You plan well ahead for these things, and commit near full-time resources.<\/p>\n<p>We didn&#39;t have that luxury.&nbsp; Nor was this&nbsp;meant to be&nbsp;PR as such.&nbsp; It was a matter of the industry shaping itself through collaboration, and doing it in the blogosphere &#8211; the only place where these magical things can happen.&nbsp; The fact that Bill and Craig thought all of this was important and exciting gave us all a sudden opportunity for time travel.<\/p>\n<p>If I wanted this to happen in a short time, I needed to&nbsp;work with representatives, not the whole community,&nbsp;and even then, have a great deal of luck.&nbsp; But to do this without offending&nbsp;everyone involved, I felt we needed an objective criterion for deciding who to approach to represent the OpenID community.<\/p>\n<p>It seemed to me&nbsp;that the best&nbsp;representatives&nbsp;were the editors of the OpenID 2.0 specification.&nbsp; After all, they are at the center of landing this baby.&nbsp; And the editors are David Recordon at VeriSign, Johnny Bufu at SXIP, and Josh Hoyt at JanRain.&nbsp; Thus the choice of companies.&nbsp; I felt they would understand the technical issues and possibilities, and that the support of their companies for collaboration would be the beginning &#8211; not the end &#8211; of a wider process.<\/p>\n<p>So to be perfectly clear, we would love to see more people and companies getting involved in this collaboration and building the momentum going forward.&nbsp; This isn&#39;t the end of the identity journey &#8211; just a time-warp in which we all got thrown forward.&nbsp; So let&#39;s work on some of the big announcements I referred to above, and most of all, on really great technology.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>I felt we needed an objective criterion for deciding who to approach as representative of the OpenID community.<\/p>\n","protected":false},"author":68,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":[],"categories":[2,8,15,22,4],"tags":[],"_links":{"self":[{"href":"https:\/\/www.identityblog.com\/index.php?rest_route=\/wp\/v2\/posts\/677"}],"collection":[{"href":"https:\/\/www.identityblog.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.identityblog.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.identityblog.com\/index.php?rest_route=\/wp\/v2\/users\/68"}],"replies":[{"embeddable":true,"href":"https:\/\/www.identityblog.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=677"}],"version-history":[{"count":0,"href":"https:\/\/www.identityblog.com\/index.php?rest_route=\/wp\/v2\/posts\/677\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.identityblog.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=677"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.identityblog.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=677"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.identityblog.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=677"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}