I'm reflecting both a general sense that I have about the libraries, as well as analysis from Will Norris — one of the few consistent contributors to various OpenID libraries/implementations (i.e. the WordPress OpenID plugin).
Since I also maintain the list of OAuth libraries on the OAuth site, in contrast, I've seen much more activity with and interest in those libraries over the past year or so. Dick may have a point that people have lost interest. I can't draw the same conclusion about the product that we're shipping, since third-party authentication has only become more common in the past year. Instead, it seems to me that there's probably an impression that the "project is dead" or that the core of the community has moved on to OAuth, since the capabilities that OAuth unlock are generally more interesting to people (and more relevant, given the various industry adoptions). While OAuth (1 or 2) doesn't solve all the most interesting problems, it solves the ones that people can get their heads around today, and that confront them immediately when trying to access user data or facilitate sign in. Furthermore, without the community or the foundation taking a more active role in the development, improvement, and simplification of the libraries (or relying on Janrain, which gave up maintaining the libraries a long time ago), that responsibility has simply gone unserved. I appreciate John's point about openID4java being maintained — as part of another organization's toolkit, it makes sense that it would be maintained. What I'm worried about are all the libraries that fall under our purview and that are no longer being actively maintained. Chris On Thu, Jan 20, 2011 at 8:47 AM, Eric Sachs <[email protected]> wrote: > I certainly wouldn't mind if the libraries were organized better, however > when we pole our current/targetted RPs about areas for improvement for the > OpenID scenarios we support, the state of the libraries doesn't make it to > the top 10 list. The only exception is RPs who are trying to do both > OpenID+OAuth and who not surprisingly complain about the OAuth1 signing > issues. > > On Wed, Jan 19, 2011 at 6:40 PM, Chris Messina <[email protected]>wrote: > >> It has come to my attention that the maintenance of the OpenID libraries >> has fallen by the wayside in the past year. Since OpenID 2.0 is still the de >> facto latest version, I believe it is up to the foundation to make sure that >> we're keeping the existing libraries up to date. >> >> Specifically, since our code is hosted on GitHub, there have been several >> forks and subsequent pull requests posted to the PHP library: >> >> https://github.com/openid/php-openid >> >> <https://github.com/openid/php-openid>Will Norris is reviewing these >> changes but I think this raises an important issue that we've neglected for >> some time — making the developer experience of integrating OpenID (beyond >> using an off-the-shelf solution like Janrain Engage) adequate. To that end, >> making sure that the libraries are open for improvements, and that we >> respond to pull requests in a timely fashion should be something that we >> prioritize in 2011. >> >> If it's unclear who the current maintainers or owners are for the >> libraries, that's something we should absolutely address. >> >> Chris >> >> -- >> Chris Messina >> Open Web Advocate, Google >> >> Website: http://chrismessina.me >> Blog: http://chrismessina.me/b >> Follow my updates: http://twitter.com/chrismessina >> >> This email is: [ ] shareable [X] ask first [ ] private >> >> _______________________________________________ >> board mailing list >> [email protected] >> http://lists.openid.net/mailman/listinfo/openid-board >> >> > > _______________________________________________ > board mailing list > [email protected] > http://lists.openid.net/mailman/listinfo/openid-board > > -- Chris Messina Open Web Advocate, Google Website: http://chrismessina.me Blog: http://chrismessina.me/b Follow my updates: http://twitter.com/chrismessina This email is: [ ] shareable [X] ask first [ ] private
_______________________________________________ board mailing list [email protected] http://lists.openid.net/mailman/listinfo/openid-board
