Amen. Great list.

I would add one more: let's focus single-mindedly on things that we actually know are demanded by the market without which adoption does not occur, instead of growing the amount of technology that needs to be implemented into places where ROI (for implementors, deployers, users, ...) is at best uncertain.

Okay, I'm exaggerating. But directionally, I don't think I'm wrong -- witness the discussion about the "complexity" of Authentication 2.0 and the perceived relative benefits.


On May 29, 2007, at 13:33, McGovern, James F ((HTSC, IT)) wrote:

Been silently observing many of the email exchanges over the last couple of weeks and from an end-customer perspective I am somewhat concerned. Some of the general themes I have observed are:

1. Too much focus on breaking compatibility with OpenID 1.1. While you have had some success, now is the time to break things. It is more important to get to the right long term approach earlier in the lifecycle.

2. Too much focus on being unphishable. While this is important and forward progress should happen, I don't think that this should be the only focus. I salute Kim Cameron for getting folks off their butt to solve this problem though.

3. Publish, publish, publish. Stop iterating and start publishing. The draft is way overdue and folks will not pay attention to a specification where velocity of change is occurring this frequently.

4. Tackle and discuss issues head on. I have seen several valid issues where folks way too easily dismissed the concern stating cliche phrases such as not in scope, someone else's problem, etc.

5. Not soliciting end user feedback. The observation is that there are lots of folks attempting to create a product around the spec and are simply iterating in order to be interoperable but haven't asked themselves is this what buyers of software actually desire. Many of the features that make this interesting seem to go ignored (e.g. attestation, authorization, support for XACML, etc)



_______________________________________________
specs mailing list
specs@openid.net
http://openid.net/mailman/listinfo/specs



Johannes Ernst
NetMesh Inc.



 http://netmesh.info/jernst
