« DJ Mimi in da house
final July ‘08 blogging »

Extending the OpenID Attribute Exchange

Now that Facebook and MySpace have truly opened up and will allow their users to move their profile data, social graph and content to other systems (under certain access controls) its time to talk about these behemoths connecting together via the OpenID Attribute Exchange.

Initially developed by Dick Hardt and Sxip Networks - the Attribute Exchange specification as it exists today was contributed to OpenID2 - as it became clear that OpenID was the winning solution for identity management.

First off I want to thank Dick for his enlightened approach and understanding of the politics and nuances surrounding evolving open standards and I’m excited as hell by something Allen Hurff (SVP of MySpace) said to me at the recent Facebook f8 conference:

“We looked at Attribute Exchange and we like it, but we need to do some extensions to it to match our solution.”

So this blog post is a plea to Allen, Dave Morin (Facebook), Kevin Marks (Google), Eran Hammer-Lahav (Yahoo), Angus Logan (Microsoft), Joseph Smarr (Plaxo) and of course David “get it done” Recordon (SixApart) to work together and extend the Attribute Exchange - so that we (the industry) can ALSO mesh into this compatibility ‘river’ of data and deliver to ALL our users and customers the ability to freely and easily flow their data - wherever the hell they want.

And let’s not forget Chris Messina and Will Norris (Vidoop and DiSO), Stephen Paul Weber, Leah Culver, Ben Laurie, Brad Nueberg, Simon Phipps, Scott Kveton, Tantek Celik and Brian Oberkirch - and all the other independents who are working on open social networking - in their various guises and scenarios.  Or Dave Winer.

I know I’ve been ranting about this for a while (my wife actually complained to me that she’s sick and tired of hearing the same dam thing over and over again) but I hope you all agree that this idea’s time has come.

The key ascept to these extensions (from my POV) is matching, mapping and normalizing the various techniques of access controls.  This will facilitate the smooth movement of user’s data between systems - with concise privacy and access controls over that data.

If one sets up their controls - in say Facebook (and utilizes their recently announced ‘dynamic privacy‘ system) then it HAS to match up to whatever MySpace and Google are doing.  And vice versa.

And Microsoft is gonna have to play along with us - as well.  We need to put the user’s best interests first and let that dictate what happens.  But it seems to me that Facebook’s DRM bits for people sort of sets a standard level of behavior here - so the trick will be how others can get compatible with Facebook (utilizng other techniques.)

The goal is that (let’s say by Thanksgiving) we all have a normalized set of access controls with which we can interop between.  It’s not just about enabling Facebooks apps to work outside of Facebook. Its about moving MySpace data into Facebook, then moving it to Orkut or Microsoft’s world - and back to Yahoo or Plaxo.

I’ll leave the technical details to you folks as to what exactly needs to get extended and mapped.  But certainly upcoming efforts on portable contactswill supply us with a standardized schema and set of APIs to interconnect the PUT and GET of profile info.

Now we need to just all agree upon some common notions of media, messages, events and places, and of course the 800 lb. gorilla of them all - social graph.  Both FOAF and XFN provide ways of doing that.

So let’s have at it.

BTW here are Dave Morin Allen Hurff and Kevin Marks (and me) at f8:

Final note - Allen says to me: “we’re trying to decide between FOAF and XFN” and I immediately say BOTH dude BOTH!  We need them BOTH!

This entry was posted on Sunday, July 27th, 2008 at 12:30 pm and is filed under . You can follow any responses to this entry through the RSS 2.0 feed. Both comments and pings are currently closed.

4 Responses to “Extending the OpenID Attribute Exchange”

  1. Robert Mark White Says:
    July 27th, 2008 at 9:14 pm

    Joseph Smarr (Plaxo) previously talked about doing this kind of mapping, in one of his blogs. I think this is a very important area that if added to OpenId’s Attribute Exchange makes perfect sense. I agree that both foaf and xfn need to be included and perhaps maybe even vcard attributes. I hope the people you mentioned above and others take up your challenge and get something done by Thanksgiving. This would be a very important contribution to the “open web” or “data portability” ideals.

  2. Julian Bond Says:
    July 27th, 2008 at 11:43 pm

    Err. Is this post about OpenID AX, or portable contacts and profiles; I mean OpenID AX is dead isn’t it? And it assumes that your primary profile and social graph is also held on your OpenID provider. A dangerous assumption.

    IMHO. The solution to this is a bottom up approach:-
    - XRDS-Simple for OpenID delegation so that you can use broadbandmechanics.com as your OpenID
    - Additional entries in the same XRDS file that point at your master profile data, master social graph and YASN-Roll
    - A couple of Profile and Graph description languages to become market leaders so we developers don’t have to parse 50 different formats. Alternatively. libraries in all the major languages (Or at least PHP, Python, Ruby) that hide the differences
    - Recognition that the single most widely used description language is MS Outlook CSV. All these attempts to define yet another profile description format must at least include the Outlook fields and provide translators to and from Outlook CSV

    On existing formats:-
    - The RDFness of FOAF scares people. There’s really only a handful of tags in FOAF that are useful as structure, beyond that almost all useful FOAF is actually VCard and doesn’t actually use any of that RDF mesh strucure. There is a subset of FOAF+VCard that could be built that is plain old XML, tree structured and might be more acceptable. But we’re getting into religious war territory here.
    - Microformats are great for marking up existing pages. But that’s just the “Write” side. Reading them and parsing out the data when its embedded in broken HTML is a nightmare. Frankly its “Write only data”. And the MF people need to accept that discovery is an issue and come up with a standard solution (see XRDS-Simple). Defining heuristic MF rules to identify the master profile, graph and YASN-Roll is pure but unworkable.
    - oAuth deals with the security issues, but we need to combine it into the OpenID process. With my dumb end user’s hat on, I really don’t want to have to approve 4 different systems during the account signup process
    - CSV is just not a very good data transport format. We could do with an XML representation of MS Outlook CSV. I’m somewhat amazed that MS hasn’t produced this yet. Or have they?
    - Can each major PLEASE STOP inventing new wheels. We really don’t need Google, Yahoo, Facebook, MySpace, MS, Plaxo each creating their own incompatible solution to this mess.

    And Google. Please pay Brad Fitzpatrick/Kevin Marks to work exclusively on this full time and fund them to pull a team together. They’re about the only people in this game I trust to get it done and get it done right. But my perception is that their time and attention is being pulled elsewhere within the Googleplex.

  3. Mark Cross Says:
    July 28th, 2008 at 12:16 am

    Providing the vcards aren’t US by default…

    Considering the ROW from day 0, would kind of be really useful? US population only = 250M

  4. Marc’s Voice » Blog Archive » final July ‘08 blogging Says:
    July 30th, 2008 at 11:02 am

    [...] « Extending the OpenID Attribute Exchange [...]