W3C home > Mailing lists > Public > public-xg-webid@w3.org > April 2011

Re: the openid para

From: Melvin Carvalho <melvincarvalho@gmail.com>
Date: Thu, 28 Apr 2011 18:51:54 +0200
Message-ID: <BANLkTim8La-=Tsuapsg+xsBzgFXUh_MN5A@mail.gmail.com>
To: peter williams <home_pw@msn.com>
Cc: jeff@sayremedia.com, public-xg-webid@w3.org
On 28 April 2011 17:53, peter williams <home_pw@msn.com> wrote:
> I begged for a rewriting on that particular point, and you guys did it.
> Thanks. I don't have much reputation to preserve in openid-land, but what
> there is was not disaparaged. I can go there, still stare at the floor, but
> at least I can be in the room.
> Despite the toning down, the underlying orientation of the group still came
> through - wanting to define webid in terms of the "original sin" of foaf not
> being adopted by the openid community (per some founder ideas, apparently).
> Folks have not moved on. The original sin has become a prayer; and an
> institutionalized ceremony to remind the faithful. Anyone in the know can
> hear the refrain. I hear it, and so do others.

Dont forget that OpenID was originally based on FOAF.  OpenID and
WebID have many common strengths, they are probably more important to
focus on, than the differences, imho.

> We don't want a new submission. We have to live with our flaws, once made.
> We lost a grade because of tone. What we can do is re-set the tone, for the
> next paper and the oral work at the id conference (if these authors are
> invited). The latter is obviously a (friendly) negotiation forum, and I'll
> bet 80% of the acceptance criteria are about detecting whether there is a
> negotiation attitude - so the result allows the whole browser group to focus
> 100% on adoption of several modern id mgt solutions (and not just repeat the
> technology rants about evil ISO X.509, drivel on about Passport, or relive
> OASIS/W3C conflicts about enterprise-centric web dating back a decade).
> -----Original Message-----
> From: public-xg-webid-request@w3.org [mailto:public-xg-webid-request@w3.org]
> On Behalf Of Jeff Sayre
> Sent: Thursday, April 28, 2011 8:34 AM
> To: public-xg-webid@w3.org
> Subject: Re: the openid para
> The issue of being more inclusive and less confrontational regarding OpenID
> was brought up last week. Believe it or not, the section on OpenID that is
> now in the position paper is the rewritten, more friendly version!
> As Henry points out, with a limited amount of space (and limited amount of
> time), it is not easy to get every detail right.
> Of course, it is important that we clearly differentiate the differences
> between OpenID and WebID. Although the section could perhaps be less
> assertive about them, I think it is crucial that people clearly understand
> them. There are a number of additional advantages that WebID offers compared
> to OpenID. We chose to leave them out due to space limitations and not
> wanting to seem negative about OpenID.
> I do no think we are snubbing our noses at the wonderful technological
> progress that the OpenID community brought to the identity issue. We are
> acknowledging OpenID and then saying that WebID is the next generation.
> I suppose we could alter the paragraph, but I'm not too sure whether we can
> officially resubmit past the deadline. Even if we can, does it make that big
> of a difference? Our oral presentation can better build the bridge between
> OpenID and WebID in a manner that gives OpenID its proper respect.
>> On 28 April 2011 04:50, peter williams <home_pw@msn.com> wrote:
>>> "OpenID reduces the account multiplication issue by allowing users to
>>> login to every site using the same global identifier. This provides a
>>> base from which WebId can be deployed, procuring the following extra
>>> advantages:
>>> Protocol simplicity: the WebID protocol is a lot simpler, requiring
>>> only one more connection over and above the connection to the
>>> requested resource, where the result is cacheable. OpenID requires
>>> seven TLS connections, significantly more than WebID. These
>>> additional steps create opportunities for denial of service attacks,
>>> making it more difficult to secure and to debug."
>>> I think we are still learning to make effective pitches. The above,
>>> for example, now submitted, sounds somewhat catty. If my sales team
>>> used that tone about our competition, Id consider him jaded and time
>>> for retirement.
>> I have to agree. I have nothing but admiration for the technical
>> progress of this work, but I do find the messaging re OpenID over the
>> years has been needlessly (and perhaps unintentionally)
>> confrontational. Last thing we need is a retread of the unfortunate
>> tribalism that was 'microformats versus Upper Case Semantic Web'.
>> WebID stands on its strengths. And in some cases, being able to fall
>> back to OpenID (eg. from the certless cybercafe PC scenario) is more
>> appealing than messing around using a password to install (and then
>> remove) a transient WebID cert on an uknown PC.
>> [...]
>>> Now, that's too wordy. But, look at the difference in tone. One carps
>>> about the competitions most negative points. If I was an openid
>>> author, Id be showing no love for webid, at this point (simply
>>> because of the tone, taken). The other notes the differences in
>>> design schools, arguing our case for eliminating certain openid
>>> flows. In doing so, we happen to also indicate the limits of webid,
>>> so it's harder to portray our work as something that simply has done
>>> insufficient analysis of the requirements.
>> Yes. A lot of people are enthusiastic about the general ideas behind
>> OpenID, but pretty agnostic about the technical details. Others are
>> frustrated by the slow adoption%2
Received on Thursday, 28 April 2011 16:52:22 UTC

This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 19:39:44 UTC