Why not let public keys be people too (by turning them into URIs)? Here's one way, based on RFC 2015:
<link rel="me" href="http://www.abst
<link rel="me" href="data:application/pgp-keys;base64,AHEIJ3334..." title="My Public Key">
And then we hook it into the Social Graph API.
Image from WikipediaI've been falling behind! Blogger recently graduated OpenID from "draft", which is sort of like beta but more bloggery. What this means:
Much coverage here. The OpenID Foundation is an interesting entity, not responsible for technical work but responsible for protecting the brand and the IP associated with OpenID. It's awesome that DeWitt is the corporate representative for Google.
Update 2/10: Added the missing IBM, and alphabetized.
SG Foo has come and gone in a very high-energy weekend. Thank you Scott and David (and the folks at O'Reilly) for putting it together. Unfortunately I was fighting off a cold nearly the whole time, which meant I missed the games of Werewolf...
What happened? We planted some seeds. We'll have to wait and see if they germinate. There was a lot of discussion about about XMPP and PubSub as a key protocol for pushing real-time and near-real-time social network data. I want to investigate this more but the XMPP standard is forbidding... Joseph Smarr and I organized a spirited discussion about how to have social data portability policies and avoid social data DRM. We made some progress around OAuth and OpenID. I met Dare Obasanjo. Data Portability was discussed at length. I learned some interesting things about publishing from Teresa Nielsen Hayden. I discovered that Sebastopol is a town full of very nice people.
Ugh. Over the weekend, the DNS provider for abstractioneer.org helpfully upgraded their software... and the new code refused to let me make abstractioneer.org be a CNAME for ghs.google.com, claiming it's illegal. (No, it's not, it just keeps you from using mail to that domain and a couple of other things, none of which I care about.)
All of which means that (a) abstractioneer.org is now www.abstractioneer.org; (b) my OpenID has now changed, with the old one (abstractioneer.org) doing a 302 redirect to the new one (www.abstractioneer.org). I'm viewing this as an experiment; let's see what breaks.
Cool. Looks like we've announced Brad's Social Graph API! Looking forward to talking with people at Social Graph Foo Camp about this. One note... one of the pieces of public data which the API leverages is OpenID delegate links. So a user can prove ownership of an entire set of appropriately-linked Social Graph nodes.
The best place to play with the API (and see what data it's returning) is with the Playground tool.
Johannes retconned a nice title onto our panel discussion yesterday: OpenID and Friends (where the friends include OAuth, OpenAuth, OpenSocial, etc.) The panel in fact might have been a little too friendly -- maybe we needed somebody (Ben?) debating with us about phishing attacks to shake things up a bit. It was great to talk with Shreyas, Johannes, Nicolas, and George about issues and next steps. We all have a variety of goals, all of which are advanced by OpenID adoption and use.
On Jan 29 I'll be on an OpenID & OAuth panel at the WebGuild Web 2.0 Conference and Expo in Santa Clara, CA. Shreyas Doshi of Yahoo will be there, which will be a great opportunity to discuss where OpenID is headed. (My former compatriot George Fletcher will be there as well, along with Nico Popp of Verisign, and Johannes Ernst will be moderating.)
Yesterday, in addition to launching Blogger in three new languages, we pushed out a draft feature: Your blog is your OpenID. Technically, this means that Blogger is both an OP and an RP; we've accepted OpenID signed comments since December.
We've implemented OpenID 1.1 so far, so we should be compatible with all OpenID 1.1 RPs. Please test it out (see instructions for opting in) and let us know if you see problems.
It's also great to see Yahoo announcing that they'll be an OpenID 2.0 Provider. I hope they implement RP support soon too, at least for things like Flickr comments.
I'll be at IIW next week, talking about Blogger, OpenID, OAuth, OpenSocial, and anything else that seems interesting. I'm anticipating a great event.
We've just enabled OpenID signed comments for Blogger in Draft. There are a few rough edges still (which is why you have to enable it for your blog by going to draft.blogger.com), so we're looking for feedback. We're also working on enabling Blogger as an OpenID Provider, meaning that you can use your blog URL to identify yourself on other services.
What's particularly fun about this is that it's been a very collaborative project, bringing together Blogger engineers, 20% time from a couple of non-Blogger engineers, and last but not least some of the fine open source libraries provided by the OpenID community. Thanks all!
