Hi Vikas, Thanks so much for your comments below. I'm not sure that everyone has as full an understanding of the progress that we've collectively made, so your words of encouragement and support are most appreciated. I'm coping your message to the Adoption Committee and OpenID Foundation Board who are probably most well positioned to take action on your feedback and recommendations. I agree with your recommendation to have a COTs and open source SW provider summit, we may now be reaching the stage where those vendors are more interested than they were 18 months ago, or even 6 months ago. Also agree that an LDAP/OpenID working group makes sense if we can also find enough prospective deployers to make it informative for the technology vendors to participate. For example, some of the generic interop testing we've done in the past would be much more meaningful with real customers and use cases. As we've seen thus far, the more existing and prospective RPs we can bring to the table, the more interested OPs and technology providers are in getting engaged.
Again, thanks for the great feedback and constructive recommendations, please keep it coming! By the way, if you haven't signed up for the Adoption Committee, we'd love to have you on it. Cheers, Brian ___________ Brian Kissel<http://www.linkedin.com/pub/0/10/254> CEO - JanRain, Inc. [email protected] Mobile: 503.342.2668 | Fax: 503.296.5502 519 SW 3rd Ave. Suite 600 Portland, OR 97204 Increase registrations, engage users, and grow your brand with RPX. Learn more at www.rpxnow.com<http://www.rpxnow.com/> From: Mahajan, Vikas [mailto:[email protected]] Sent: Wednesday, March 03, 2010 10:44 AM To: Brian Kissel Cc: [email protected] Subject: RE: OpenID UX Summit at Sears - Recap of the event Brian and Don, I just wanted to say how pleased I was with the UX summit and, more so, with the genuine interest and rapid progress the OpenID community and Foundation have made in the past 18 months since we had the Content Provider Summit in NYC. As I recall, we highlighted many issues/concerns with OpenID at that meeting, including: - Usability/user-experience - Data/standard user payload - Trust Model/Certfication I believe OpenID was able to address all these areas last week with remarkable progress and a sense of clarity. 18 months ago, I think OpenID was still primarily the outreach and development of the blogger type communities and they were a bit reluctant to see the corporations come in and start putting in formal processes and structures to address business issues like trust. The industry was still hotly debating OpenID vs. Information Card, not yet recognizing the value and complementary nature of both technologies. I'm glad to see the OpenID Foundation was able to address all these issues/concerns to the satisfaction of all its communities. I think it took the Federal Government's ICAM Trust Framework to get everyone in gear and working toward a common goal and things have been progressing rapidly since. - Usability has dramatically improved. The usability work, led by companies like Google and Yahoo, has seen significant improvement. They looked holistically at the challenges around registration and authentication and have come up with innovative ways to make the entire process work smoothly. I always look forward to what is being done in the area and hope that the Foundation continues to devote resources to this area. - Data - This was an area of major concern for many of us in NYC. What good was an openID authenticated user if we couldn't get basic demographic type data about them so we could do things like create them a profile on our websites and personalize their user experience in our applications? At the time, I even recall Yahoo was just sending an opaque identifier to RPs. Now I think we have some level of consensus on the basic payload we discussed in NYC - name, DOB, zip, e-mail address. I think people are now even thinking of additional industry-centric payloads like those for retail (colors, sizes, etc). I think this is a major accomplishment as it significantly adds to the value proposition for implementing and integrating OpenID. This also ties back to the user experience by simplifying the registration process for OpenID users. - Trust and Certification - I used the term "hierarchies of trust" at the NYC meeting, trying to convey the importance of some basic levels of assurance for different types of transactions. We also discussed the need to have some sort of certification program around this to help address legal concerns, etc. There was a good bit of resistance from the traditional OpenID communities and whether or not OIF should even be involved in this, but again, thanks in large part to the Federal Government stepping in, the OpenID Foundation has recognized the value and importance this has and is now putting in the pieces necessary to do this (along with Kantara). So it's important to recognize how far we have come in such a short period of time. And it's clear the Foundation and developer community are listening to the needs and requirements of the RPs and content providers. This speaks volumes about the excellent work and collaboration environment OIDF has created and its genuine interest in serving the needs of everyone involved. Thank you very much for all the hard work and dedication of the OIDF, its board, and its leadership! There is just one area I feel you have left to address and I strongly recommend you setup another summit to discuss it. I recommend a Summit for Identity Management product vendors (COTS and open-source) to discuss just what is keeping them from implementing OpenID in their products? I'm glad to see someone from IBM was at the UX summit, but we really need all the major vendors on board and the Foundation should listen to their needs and concerns so we can make it easier for them to adopt OpenID into their products. The statement I received from vendors 2 years ago was that there was no demand from their customers (primarily corporations). I believe that is clearly no longer the issue given that a company like Sears was your Summit host. So what else is holding them back? I suspect some of it is the rapid change and figuring out how they can put that into their product releases. I'm hoping this is where the Foundation can step in and figure out how to package up OpenID technology in such a way that it is easy for vendors to absorb and update incrementally. The other issues may be a lack of understanding on exactly what must be done to support OpenID both as RP and as IdP. For example, what LDAP schema extensions should be made? I think it would be great to setup a working group to figure these things out - the standard OpenID LDAP schema working group, for example. This will keep vendors from implementing proprietary solutions, thereby making it difficult to interoperate or making it difficult for customers to switch vendors. I'm sure there are a few more issues, too, (use cases, documentation, etc) that they may bring up. At this point, I feel like I am fighting this battle on my own. I'm sure other Foundation members who use COTS products feel the same way. So the Foundation could step in here and facilitate a conversation with the vendors (many of whom are Foundation members) to ensure their needs are addressed so they can rapidly incorporate OpenID support into their products. Please feel free to share this with rest of board or appropriate working group. Thanks, Vikas Mahajan 15 W Gude Drive | Rockville, MD 20850 Office: (240) 314-0826 | Mobile: (301) 514-3925 | Fax: (240) 314-0880 | Email: [email protected]<mailto:[email protected]> | Web: http://www.aarp.org <http://www.aarp.org/>[file:///C:\Documents%20and%20Settings\vmahajan\Application%20Data\Microsoft\Signatures\vmahajan_files\aarp_logo.gif] _____________________________________________________________________________ This email and any files transmitted with it may contain confidential information and are intended solely for the use of the individual or entity to which they are addressed. If you have received this email in error please notify your system manager and delete any copies of this email you have. Please note that any views or opinions presented in this email are solely those of the author and do not necessarily represent those of AARP. Finally, the recipient should check this email and any attachments for the presence of viruses. AARP accepts no liability for any damage caused by any virus transmitted by this email. From: Brian Kissel [mailto:[email protected]] Sent: Monday, March 01, 2010 10:12 PM To: Brian Kissel Cc: Adoption ([email protected]) Subject: OpenID UX Summit at Sears - Recap of the event Hello All, Glad you were able to brave the weather and make it to the UX Summit at Sears. A special thanks to Rob Harles, Jeff Hamm, and Rob Mills of Sears for hosting the event. Also thanks to Eric Sachs and the Google team for arranging video conference access in DC and Mt. View. Even if you weren't able to attend, we've created a summary<http://blog.janrain.com/2010/02/sears-openid-ux-summit-retrospective.html> for those who would like to see a recap of what was covered. Also, you can see a copy of many of the presentations here<http://wiki.openid.net/2010-OpenID-User-Experience-%28UX%29-Summit>. Just scroll to the bottom of the page. Finally, we'd love to have everyone who is interested subscribe to the mailing list for OpenID Adoption<http://lists.openid.net/mailman/listinfo/openid-adoption> which is run by Daniel Jacobson of NPR, the Chairman of the Adoption Committee<https://openid.pbworks.com/Adoption-Committee> of the OpenID Foundation. Cheers, Brian ___________ Brian Kissel<http://www.linkedin.com/pub/0/10/254> [email protected] CEO - JanRain, Inc. 519 SW 3rd Ave. Suite 600 Portland, OR 97204 Mobile: 503.342.2668 | Fax: 503.296.5502 Twitter: @rpxnow<http://twitter.com/rpxnow> and @janrain<http://twitter.com/janrain> Facebook: www.facebook.com/rpxnow<http://www.facebook.com/rpxnow> Increase registrations, engage users, and grow your brand with RPX. Learn more at www.rpxnow.com<http://www.rpxnow.com/>
_______________________________________________ board mailing list [email protected] http://lists.openid.net/mailman/listinfo/openid-board
