barx: A Ruby XRI Resolver

Last month, Victor Grey and Kermit Snelson announced barx, the first full implementation of the XRI 2.0 draft specification (working draft 11, for those of you keeping track). I finally downloaded and started playing with it tonight; it’s very nice. Most OpenID implementations are using a proxy hack to support i-names, but as real XRI implementations start to come out, we’ll start seeing many more interesting applications.    (MS5)

I’ve started to port barx over to Perl and will hopefully have it completed by IIW next week. Yes, I’m coding again. I’ve been sitting on a slew of year-old ideas that need to get implemented, and I’m tired of being a preacher instead of a do-er (at least when it comes to code). It’s against my instincts, and I don’t have enough of an audience to leverage the Lazy Web.    (MS6)

Besides, I was starting to miss it. Over the last few years, I’ve built a reputation as someone who knows a bit about collaboration, not just about tools, and that’s been really gratifying. It’s also helped me feel okay about reminding people that I still know a bit about tools as well. Plus, a lot of things have been stoking the fire recently. I was managing the HyperScope project last year and the Grantsfire project this year, both of which are conceptually and technically interesting. I never stopped reading code, and a lot of my friends are developers. What really kicked things into gear for me, though, was stepping in as an emergency developer for Grantsfire and watching Linus Torvalds‘s git talk.    (MS7)

I started playing with a bunch of ideas at once, but I’m focusing on Grantsfire and the Digital Identity stuff now. Stay tuned, and if you want to hack with me over the next few weeks, either face-to-face or remotely, ping me.    (MS8)

Internet Identity Workshop 2007, Day Two

My big takeaway from this rendition of the Internet Identity Workshop (IIW) continues to be the growing maturity of this community as well as the influx of new faces. This manifested itself in interesting ways in Open Space today. As Phil Windley noted in his excellent synopsis of the day, almost half the room stood up to propose sessions, which was quite stunning.    (M9Y)

While there were a number of interesting topics posted, most of the ones I attended were more bull sessions than work sessions. That’s not a bad thing — talk is necessary for building Shared Understanding — but you also want to make sure that the folks who are in a position to work are working. And that’s what happened. There were a lot of ad hoc, project-oriented meetings and plotting happening outside of the sessions.    (M9Z)

This is a good lesson on the nature of Open Space, especially when these gatherings occur repeatedly in a community of practice. Norms emerge and evolve. Communities go through cycles, and the Open Space experience shifts with each cycle.    (MA0)

I managed to eavesdrop on part of a conversation between Lisa Dusseault and Lisa Heft about Open Space and this conference in particular. Lisa Dusseault was bemoaning the lack of Shared Understanding among all the participants, and explained that at IETF and similar gatherings, there was always a baseline of knowledge across participants, because there were papers, and people were expected to read them ahead of time. Pre-work is not anathema to Open Space, and it’s great if you can get folks to do it. In this particular community, I think it’s possible. But you still have to be careful when considering other ways of designing for this challenge.    (MA1)

A few weeks ago, Al Selvin told me about his experiences at CHI conferences. The first time he went, he was new to the field, and it was a wonderful learning experience. The following year, he attended again, and the experience was not as good. Why? Because it was essentially identical to the previous year. People were basically the same things as they had before.    (MA2)

What’s the difference between what happens at Open Space versus most academic conferences? Co-creation — aka collaboration aka real work — is a key part of the process. People, both old and new, get together to evolve their Shared Understanding and something new and wonderful emerges from that. You have both learning and co-creation, which are really two sides of the same coin. Sadly, many conferences are all about one-sided coins.    (MA3)

I think there are ways to make the first day even more effective for new members of the community. We heard some great ideas for this at Kaliya Hamlin‘s session on this topic, and I expect her to do great things with this feedback.    (MA4)

Speaking of community, I held a session on Identity Commons. A lot of folks who have been active in the creation process participated, as did key members of our community. One of the things I wanted to make crystal clear to folks was that ultimately, Identity Commons was simply the name of this community. As it happens, this name represents both the intent and values of this community (or in chaordic speak, the purpose and principles). What’s really unique about our values is how we collaborate with each other. There is in fact a legal entity called Identity Commons, but it is extremely lightweight and open. It’s sole purpose is to manage the shared assets of this community in an open, grassroots way.    (MA5)

The organizational elements of this entity are fascinating in and of themselves. The challenge that most organizations like Identity Commons face is, how do you embrace an identity (which implies creating a boundary between you and others) while remaining open (keeping that boundary permeable and malleable). (Boundaries and identity as they pertain to leadership were major themes at the Leadership Learning Community Evaluation Learning Circle last January, yet another instance of all my different worlds colliding.) Complicating all of this is the challenge of sustainability.    (MA6)

In order to make decisions, a community must define who its members are. Most organizations define membership as some combination of vetting, voting, and payment. I believe that a pay-to-play membership model is the main source of problems most organizations like these face. It’s simply a lazy approach to sustainability. There are other ways to be sustainable without destroying the integrity of your community.    (MA7)

I could go on and on about this, and I eventually will, but not right now. The challenge we currently face is that the growth of the community outpaced the reformation of the new Identity Commons. While we were busy gaining a collective understanding of what we were trying to do, a process that took well over a year, the overall community grew on us. Now, we’re faced with the challenge of getting folks to think of this community as Identity Commons, rather than as some entity that a bunch of folks are working on. I like to call this going from “they” to “we.”    (MA8)

Conversations with folks about this today made me realize that I was overthinking the problem. (Shocker!) The problem is as challenging as it was before, but I think the solution is relatively straightforward: good ol’ fashion community-building, starting with the existing social network. As complex and multilayered as all this stuff is, I think we can keep the message simple, which will greatly aid our cause.    (MA9)

Miscellaneous thoughts from day two:    (MAA)

  • I chatted with Larry Drebes of JanRain about Pibb, and he assured me that they would be adding Permalinks soon, as well as other cool features such as export. Call me a convert. Now I’ve got to remember to talk to them about the perplog vision, and how those ideas could be integrated into Pibb to make it seriously kick butt. I’m also going to evangelize at RoCoCo (RecentChangesCamp Montreal) later this week.    (MAB)
  • I am really impressed with how much OSIS has accomplished over the past six months. Kudos to Dale Olds and Johannes Ernst for their leadership on this project, and kudos to Dale and Pamela Dingle for a really cool interop code session this afternoon. Despite some difficulties with the wireless, it looked like they got a lot of stuff done.    (MAC)
  • Brilliant move on Kaliya’s part to invite Open Space facilitator Lisa Heft to participate. She’s an outsider to this community, but she’s a wonderful observer of people, and it’s been great hearing her take on things. She’s also performing a nifty experiment which will be unleashed on everybody tomorrow afternoon.    (MAD)
  • I chatted a bit with Kevin Marks this evening about microformats and his experience as a new Googler. When I think of Kevin, I don’t immediately think Google, but he does work there now, so technically, Google was represented at the workshop. Ben Laurie, another Googler, has also been an active participant in this community. However, as much as I generally love Google, I have been extremely disappointed in its overall participation and presence in the identity community. The Google identity experience is one of the worst on the Internet, which is all the more notable when compared to its consistent track record of superior web experiences. It’s also using its own proprietary identity protocols, which is a travesty. There are good solutions to all of this, and yet, Google has thus far ignored the quality work in this community. I’d love to see Google adopt OpenID, but I’ll settle for more folks involved with identity at Google simply participating in this community.    (MAE)

Internet Identity Workshop 2007, Day One

Quick thoughts from day one of the Internet Identity Workshop (IIW):    (M9G)

  • This is the fourth IIW. The first one was in October 2005. Amazing. It feels like we’ve been doing these for at least five years.    (M9H)
  • Over half of the participants were there for the first time.    (M9I)
  • I opened the conference with an introduction to Identity Commons. Got some good feedback, and great support from others who have been active in the rebirth of Identity Commons. My big goal is to get the community to think of Identity Commons as “we,” not “they.” We’ll see how successful we are at the end of this workshop.    (M9J)
  • We participated in a nice exercise where folks got into small groups and surfaced questions. It got people interacting, and as Phil Windley noted afterwards, people stayed in small groups chatting away well after the day had ended.    (M9K)
  • One thing that struck me about the group exercise: I heard no new questions. A common characteristic of Wicked Problems is not knowing what the questions are. A good number of us seemed to have successfully identified most of the key questions a long time ago. This is both a sign of progress and of concern. We as a community are starting to face growing pains, and community memory is becoming more and more of an issue. Doc Searls suggested that in addition to surfacing the questions, we should have asked, “Okay, who has the answers?” I think some variation of that would have made an excellent complementary exercise.    (M9M)
  • I like Pibb, JanRain‘s Web-based real-time group chat tool that uses OpenID. (Think IRC on the Web with OpenID for identities.) But I also agree with Chris Messina; Pibb needs permalinks — granular as well as thread-level.    (M9N)
  • We had a series of lightning presentations following the group exercise. They were all well done. Remarkably, they were all about basically the same thing, only told from different angles, something that Mary Hodder also observed. I think this is a good sign. It shows the ongoing convergence of our community. There was also a lot of Spotlight On Others — folks referring to each other’s work, even borrowing slides from each other — another sign of a healthy community.    (M9O)
  • There wasn’t anything new conceptually, but there were many more implementations, yet another sign of progress. Speed Geeking basically consisted of 15 different implementations of Single Sign-On, which doesn’t make good fodder for demos, but which is great for the community.    (M9P)
  • Two Speed Geeking projects stood out: Vidoop and Sxipper. Vidoop is user authentication via image recognition and categorization, which in and of itself is interesting. But what got people buzzing was its business model: sponsoring images that would be displayed to users for authentication. I don’t know if it’s viable, but it’s definitely creative. Sxipper is a Firefox plugin that handles account registration and login. What’s really interesting is what’s happening beneath the covers: It’s essentially an OpenID Identity Broker running from your browser. It looked very slick; I’m looking forward to playing with it.    (M9Q)
  • Doc Searls gave his traditional day one closing talk. I’ve heard bits and pieces of this talk many times, but I never tire of listening to him speak. He’s just a fantastic storyteller, and he’s always on point.    (M9R)
  • I carpooled with Fen Labalme, and as we were discussing our takeaways on the way back, he said, “I’m glad I didn’t sit with you at dinner.” He wasn’t joking, and I wasn’t offended! I felt the same way! One of the really special things about this community is that there are no snobs. We all like to hang out with each other, but we all also really value quality time with folks we don’t know. You could really see this at dinner. I didn’t see any cliques, and there was plenty of mixing.    (M9S)

Implications of the Kintera Data Sharing Announcement

Andy Dale reported earlier this month that La Leche League will be using Kintera‘s software for member and donor management. More importantly, the two organizations will use open “standards” to share data between their respective systems. Andy’s company, ooTao, is implementing the data sharing using technology known as XDI.    (LK3)

The data sharing problem is well-known in every large organization, and it boils down to this: You have common data across multiple systems and databases, and none of it is linked. Because it’s not linked, it’s difficult to update information, it’s difficult to maintain a high-level accuracy, and it’s difficult to do any serious reporting. Every time you add a new system, it gets exponentially harder to do all of the above.    (LK4)

Does Kintera’s announcement mean that the data sharing problem has been solved? No. But it’s still an important announcement. To understand why, it’s important to delve a bit deeper into what makes the data sharing problem hard in the first place.    (LK5)

First, standards are inherently hard.    (LK6)

Second, getting an established market of vendors to agree on a set of standards is even harder. The problem is that every vendor thinks that lock-in is good for their business. The bigger problem is that they’re absolutely right, as long as lock-in is the status quo. Open data sharing is not viable until a critical mass of tools support it, and there’s no short-term return on being first to market (other than marketing value, which I would argue is underappreciated).    (LK7)

Third, those who have been trying to address the problem have been going about it the wrong way. In particular, they’ve made the social problem bigger when it should be smaller, and they’ve made the technical problem smaller when it should be bigger.    (LK8)

The most common mistake that people make when trying to agree on a standard is to try to get everyone on board up-front. That is the path to certain failure. The best approach is to get two people on board up-front, build something that works and is open, and then approach others about joining the effort. Getting small groups of people to collaborate is hard enough. Don’t make it harder than it needs to be.    (LK9)

On the technical front, people seem to have oversimplified the problem. It’s not just about coming up with the right set of APIs and XML schemas. You have to also think about identity — on many levels, as it turns out. The data needs to be addressable, which means you have to think deeply about identifiers. Also, the most common type of common data is people information — in other words, digital identities. The requirements around Digital Identity — especially User-Centric Identity — are more complex. The good news is that engineers are well-equipped to handle this kind of complexity; you just need to make sure it’s part of the problem statement.    (LKA)

Back to the Kintera announcement. They’re doing the right thing by building something that works between two organizations, rather than declaring a standard up-front and trying to convince everyone to jump on board willy nilly.    (LKB)

They’re also doing the right thing by hiring ooTao to implement this piece, because ooTao understands the identity problem, and it has credibility in the grassroots identity community. While calling XDI a “standard” is a stretch — there’s not even a published spec yet — it will most certainly be open, and a number of organizations and individuals have already contributed to it. More importantly, all of this stuff will work with OpenID and i-names, two technologies that can be accurately called open standards.    (LKC)

Will XDI “win”? It doesn’t matter. The architectural and practical lessons learned in implementing and deploying something real will move us one significant step closer to solving the data sharing problem, regardless of the role that XDI plays in the the long-term solution.    (LKD)

Should you avoid XDI because of the uncertainty over whether it will “win”? Absolutely not. The architectural changes you will need to make to support XDI will be largely spec-independent. Should you need to migrate to a different spec at a later point, the work required will be relatively minor.    (LKE)

Ph-Off and i-name Promotion

I’m at the Identity Open Space in Santa Clara right now. Lots of good stuff scheduled today, including a session I’m co-leading on Identity Commons, the next generation. Two things worth mentioning now. First, i-names have officially launched. A lot of folks purchased i-names through the Identity Commons fundraiser way back when, and those will finally become useful. If you didn’t have a chance to buy one at the special rate a few years ago, you can buy them at a special rate over the next three days: $5 for the first year of registration. Go to:    (L5U)

and register before 7pm PT, this Thursday, September 14.    (L5W)

Second, Andy Dale has whipped up a cool, anti-phishing Firefox plugin for OpenID users appropriately named, Ph-Off. OpenID and similar technologies rely on the notion of an Identity Broker — a third-party site that handles authentication. Because these Identity Brokers will become increasingly important, we need good ways to be sure that things that look like our i-brokers actually are our i-brokers. When you configure Ph-Off, the toolbar turns green and you get a green thumbs up indicator when you visit your actual i-broker. It’s simple and useful.    (L5X)