2007/12/12

Shindig!

We've just made our first commit to the Apache Shindig project!  This first version provides the basic substrate for running gadgets, which is useful by itself and is a prerequisite for running OpenSocial gadgets.

2007/12/09

Singularity to Launch from Adult Chat Room

You heard it here first.  Based on this story about a chatbot passing the Turing Test, clearly the Vingean Singularity is just around the corner.  CyberLover will acquire self-awareness soon after the Russian identity thieves deploy it on existing Russian botnets.  Transcendence, and a technological singularity, is just a short hop and a jump from that point.  Have fun chatting!

2007/12/05

OpenID 2.0 Released!

Announced at IIW2007b today (and blog post by David Recordon).  Congratulations to all!  It's actually two specifications, OpenID Authentication 2.0 and OpenID Attribute Exchange 1.0.  Attribute exchange in particular allows for some very interesting integration possibilities.

2007/12/04

OAuth 1.0 Core Released!

December 4, 2007 – The OAuth Working Group is pleased toannounce publication of the OAuth Core 1.0 Specification. OAuth (pronounced"Oh-Auth"), summarized as "your valet key for the web," enables developers ofweb-enabled software to integrate with web services on behalf of a user withoutrequiring the user to share private credentials, such as passwords, betweensites. The specification can be found at http://oauth.net/core/1.0and supporting resources can be found at http://oauth.net.

IIW2007b Updates

First session set up by Terrell of ClaimID: Open Life Bits, some interesting discussion about how to control one's one data and deal with data about one's self.  The distinction is interesting and useful; every transaction that involves a second party potentially generates data about you controlled by that party, but you do want to be able to deal with that data, correct inaccuracies, etc.  Notes here.

Next session, Joseph Smarr of Plaxo, OpenID user experience.  Good walkthrough of UI issues.  Note that with directed identity in OpenID 2.0, can simply ask to log in a user given their service.  Notes here.  Using an email address is a possibility as well; clicking on a recognizable icon (AIM) to kick of an authentication process is probably the most usable path right now.

Session: OAuth Extensions; notes here

Session: OAuth + OpenID.  Use case:  I have an AOL OpenID.  I go to Plaxo and am offered to (1) create an account using my AOL OpenID and (2) pull in my AOL addressbook, all in one step.

Proposal:  I log in via OpenID and pass in an attribute request asking for an OAuth token giving appropriate access, which lets AOL optimize the permissions page (to one page, or organize all data together).  Then get token, and use token to retrieve data.