Presented by Chris Messina (OpenID Foundation), David Recordon (Six Apart), Joseph Smarr (Plaxo). As evidenced by Barack Obama’s successful presidential campaign, we have clearly entered the age of the social web. This developer-oriented workshop will emphasize the use and application of free, open building blocks for enabling social networking features on your site or service, and provide illuminating insights from some of the key figures creating these technologies.
http://en.oreilly.com/oscon2009/public/schedule/detail/8575
7. “Web 2.0 is the network as platform, spanning all
connected devices; Web 2.0 applications are those that
make the most of the intrinsic advantages of that platform:
delivering software as a continually-updated service
that gets better the more people use it, consuming and
remixing data from multiple sources, including individual
users, while providing their own data and services in a
form that allows remixing by others, creating network
effects through an “architecture of participation,” and
going beyond the page metaphor of Web 1.0 to deliver
rich user experiences.”
— Tim O’Reilly, Web 2.0: Compact Definition?
Photo by Dan Farber
8. “Web 2.0 is the business revolution in the computer industry
caused by the move to the internet as platform, and an
attempt to understand the rules for success on that new
platform. Chief among those rules is this: Build applications
that harness network effects to get better the more people
use them. (This is what I’ve elsewhere called ‘harnessing
collective intelligence.’)”
— Tim O’Reilly
9. Tim O’Reilly’s five rules
The perpetual beta becomes a process for engaging
customers.
Share and share-alike data, reusing others’ and providing
APIs to your own.
Ignore the distinction between client and server.
On the net, open APIs and standard protocols win.
Lock-in comes from data accrual, owning a namespace or
non-standard formats.
11. “So what’s the seminal development that’s ushering in the era of
Web 3.0? It’s the real arrival, after years of false predictions,
of the thin client, running clean, simple software, against
cloud-based data and services. The poster children for this
new era have been the Apple iPhone and iPod Touch, which have
sold 37 million units in less than two years and attracted 35,000
apps and one billion app downloads in just nine months.”
— Walt Mossberg and Kara Swisher, Welcome to Web 3.0
Bullshit.
13. “After all, Web 2.0 was not a new version of the web, but a
name that tried to capture what distinguished the companies
that survived the dotcom bust from those that survived, and point
the way forward for new companies entering the market.”
— Tim O’Reilly, responding to Mossberg and Swisher
43. Maslow’s Hierarchy of Needs
• Self-actualization: morality, creativity, spontaneity, problem solving, lack of prejudice, acceptance of facts
• Esteem: self-esteem, confidence, achievement, respect of others, respect by others
• Love/belonging: friendship, family, sexual intimacy
• Safety: security of: body, employment, resources, morality, the family, health, property
• Physiological: breathing, food, water, sex, sleep, homeostasis, excretion
44. People want to share and be connected
“Of the 1.1 billion people age 15 and older worldwide who accessed the
Internet from a home or work location in May 2009, 734.2 million visited
at least one social networking site during the month, representing a
penetration of 65 percent of the worldwide Internet audience. [...]
“Social networking has become a popular online pastime not only in
mature Internet markets like North America, but also in developing,
high-growth Internet markets such as Russia,” said Mike Read, SVP &
managing director, comScore Europe. “In a country as geographically
large as Russia, social networking represents a way of connecting
people from one corner of the country to the other. The highly engaged
behavior of social networkers in Russia offers significant opportunity for
marketers and advertisers seeking to reach these audiences.”
— comScore, July 2, 2009
*Source: comScore
94. • What’s your address?
• What’s your phone number?
• What’s your AOL screenname?
• What’s your email address?
• What’s your MySpace?
• Twitter?
• Are you on Facebook?
• What’s your OpenID?
109. Portable Contacts API
• Simple JSON API for sharing, filtering and searching
contacts between social web sites.
• Implemented as a part of OpenSocial and thus deployed
on large sites such as MySpace.
• Integrated with OpenID and OAuth in Gmail.
158.
8. Requesting Authentication
When requesting OpenID Authentication via the protocol mode "checkid_setup" or "checkid_immediate", this extension can be used to
request that the end user authorize an OAuth access token at the same time as an OpenID authentication. This is done by sending the
following parameters as part of the OpenID request. (Note that the use of "oauth" as part of the parameter names here and in
subsequent sections is just an example. See Section 5 for details.)
openid.ns.oauth
    REQUIRED. Value: "http://specs.openid.net/extensions/oauth/1.0".
openid.oauth.consumer
    REQUIRED. Value: The consumer key agreed upon in Section 7.
openid.oauth.scope
    OPTIONAL. Value: A string that encodes, in a way possibly specific to the Combined Provider, one or more scopes for the
    OAuth token expected in the authentication response.
9. Authorizing the OAuth Request
If the OpenID OAuth Extension is present in the authentication request, the Combined Provider SHOULD verify that the consumer key
passed in the request is authorized to be used for the realm passed in the request. If this verification succeeds, the Combined Provider
SHOULD determine that delegation of access from a user to the Combined Consumer has been requested.
The Combined Provider SHOULD NOT issue an approved request token unless it has user consent to perform such delegation.
10. Responding to Authentication Requests
If the OpenID authentication request cannot be fulfilled (either in failure mode "setup_needed" or "cancel" as in Sections 10.2.1 and
10.2.2 of [OpenID]) then the OAuth request SHOULD be considered to fail and the Provider MUST NOT send any OpenID OAuth
Extension values in the response.
The remainder of this section specifies how to handle the OAuth request in cases when the OpenID authentication response is a positive
assertion (Section 10.1 of [OpenID]).
If the end user does wish to delegate access to the Combined Consumer, the Combined Provider MUST include and MUST sign the
following parameters.
openid.ns.oauth
    REQUIRED. Identical value as defined in Section 8.
openid.oauth.request_token
    REQUIRED. A user-approved request token.
openid.oauth.scope
    OPTIONAL. A string that encodes, in a way possibly specific to the Combined Provider, one or more scopes that the returned
    request token is valid for. This will typically indicate a subset of the scopes requested in Section 8.
To note that the OAuth Authorization was declined or not valid, the Combined Provider SHALL only respond with the parameter
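The request and response handling quoted on this slide, seen from the Combined Consumer's side, as an added example that is not part of the original deck or of any OpenID library. The function names, the "ext1" alias, the consumer key, token and scope values are constructed for illustration, and the code assumes the OpenID signature itself (openid.sig) has already been verified by the caller's OpenID library.

```python
from urllib.parse import urlencode

OAUTH_NS = "http://specs.openid.net/extensions/oauth/1.0"  # value from Section 8

def add_oauth_extension(request, consumer_key, scope=None, alias="oauth"):
    """Return a copy of a checkid_setup/checkid_immediate request with the extension added."""
    out = dict(request)
    out[f"openid.ns.{alias}"] = OAUTH_NS
    out[f"openid.{alias}.consumer"] = consumer_key
    if scope is not None:
        out[f"openid.{alias}.scope"] = scope
    return out

def extract_request_token(response):
    """Return (request_token, scope), or None when no OAuth delegation was granted.

    Assumption: the caller's OpenID library has already verified openid.sig."""
    if response.get("openid.mode") != "id_res":
        return None  # "cancel" / "setup_needed": the OAuth request fails as well
    # The alias is chosen by the sender, so resolve it from the namespace URI.
    alias = next((k[len("openid.ns."):] for k, v in response.items()
                  if k.startswith("openid.ns.") and v == OAUTH_NS), None)
    token = response.get(f"openid.{alias}.request_token") if alias else None
    if not token:
        return None  # extension absent or delegation declined
    # Section 10: the provider MUST sign these fields, so refuse unsigned ones.
    signed = set(response.get("openid.signed", "").split(","))
    required = {f"ns.{alias}", f"{alias}.request_token"}
    scope = response.get(f"openid.{alias}.scope")
    if scope is not None:
        required.add(f"{alias}.scope")
    if not required <= signed:
        raise ValueError("OAuth extension fields not covered by openid.signed")
    return token, scope

# Constructed sample data (placeholder consumer key, token and scope).
SAMPLE_REQUEST = add_oauth_extension(
    {"openid.ns": "http://specs.openid.net/auth/2.0", "openid.mode": "checkid_setup"},
    consumer_key="consumer.example.com", scope="contacts")
SAMPLE_RESPONSE = {
    "openid.mode": "id_res",
    "openid.ns.ext1": OAUTH_NS,
    "openid.ext1.request_token": "constructed-request-token",
    "openid.ext1.scope": "contacts",
    "openid.signed": "op_endpoint,claimed_id,identity,return_to,response_nonce,"
                     "assoc_handle,ns.ext1,ext1.request_token,ext1.scope",
}

if __name__ == "__main__":
    print(urlencode(SAMPLE_REQUEST))
    print(extract_request_token(SAMPLE_RESPONSE))
```

A request token that arrives outside the signed field list could have been added or swapped in transit through the browser, which is why the check raises instead of returning the token.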
165. What Plaxo found
• Better for the user: higher success rate with no
password anti-pattern
• Better for the provider: Happy users and no automated
data scraping
• Better for the site: Higher conversion rate; more
informed social graph
168. Evolving the Open Stack
• Mashups: OpenSocial
• Attributes: OpenID/AX | ... | Contacts: Portable Contacts
• Authentication: OpenID/Auth | Access Control: OAuth
• Metadata Discovery: YADIS, XRDS-Simple, XRD
• Unique Identifiers: URLs, email addresses
As proposed by Johannes Ernst
170. “We launched OpenID in March 2008 with Highrise.
About 15% of the logins are now using OpenID.”
— David Heinemeier Hansson, 37Signals
171. “Deployments for their customers – Twitter and
Songbird – are seeing OpenID utilization of 20% or
more.”
— Eric Eldon, VentureBeat
174. ReadWriteWeb
Comcast Property Sees 92% Success Rate With New OpenID Method
Written by Marshall Kirkpatrick / February 10, 2009 2:33 PM / 22 Comments
The most-watched geek event of the day has to be the OpenID UX
(User Experience) Summit, hosted at the Facebook headquarters. The
most discussed moment of the day will surely be the presentation by
Comcast's Plaxo team.
Plaxo and Google have collaborated on an OpenID method that may
represent the solution to OpenID's biggest problems: it's too unknown,
it's too complicated and it's too arduous. Today at the User Experience
Summit, Plaxo announced that early tests of its new OpenID login
system had a 92% success rate - unheard of in the industry. OpenID's usability problems appear
closer than ever to being solved for good.
This experimental method refers to big, known brands where users were already logged in, it
requires zero typing - just two clicks - and it takes advantage of the OpenID authentication
opportunity to get quick permission to leverage the well established OAuth data swap to facilitate
immediate personalization - at the same time, with nothing but 2 clicks required of users.
Plaxo, primarily known for the noxious flood of spam emails it delivered in its early days, is now an
online user activity data stream aggregator owned by telecom giant Comcast. The Plaxo team has
been at the forefront of the new Open Web paradigm best known for the OpenID protocol.
196. The open, social web is being built on standards that are
free to implement and that encourage competition at the
layer of service and user experience.