OpenID Alternatives? A discussion going on elsewhere...

Skip to first unread message


Mar 5, 2010, 10:03:02 PM3/5/10
So I've been following a conversation that's been going on elsewhere (via Twitter and blogs mostly) about potential alternative to OpenID via foaf + ssl.  I don't know enough to make heads or tails of it, but I wondered what the community thought.  Here are some of the relavant links:

-- Robert Hall

Chris Messina

Mar 5, 2010, 11:16:44 PM3/5/10
Every now and then folks come along and suggest that foaf+ssl could solve all the same problems that OpenID solves, and in some capacities, it can do similar things.

I'm no expert on foaf+ssl, and appreciate the spirit of not inventing anything new.

However, for whatever reason, no one has yet built a social network (at least that I'm aware of) that is 1) successful and 2) based on foaf or similar RDF technologies. I'm waiting for it; would love to see it — but it just hasn't seemed to happen yet.

So, if I were agnostic about how we achieved decentralization or distribution, and foaf+ssl proved popular, I'd certainly be open to entertaining its use (disuse should also not indicate that it's a bad technology, but one does need to contemplate why that's the case).

At the end of the day — most of the success of these technologies actually comes down to user experience and solving people's problems. The tech is the least interesting (and actually, least difficult) part — there's a million ways to skin a cat. The only thing that ultimately matters when it comes to decentralizing the social web is getting widespread adoption — and therefore facilitating interoperability.

There are two issues that I think foaf+ssl doesn't address that have to do with user education:

1. most users don't grok the idea of an "identity provider", let alone the idea that they might have some little "bag of goodies" (foaf) on a server somewhere that they need to know how to address via HTTP(s).
2. on top of that problem, people need a solution that "just works" everywhere. Now, that's not to say that a technology like foaf+ssl couldn't be made to work everywhere, like OpenID, but ultimately it will take a plurality of solutions to address the needs that we have.

For example: how would you sign in to your Xbox using foaf+ssl? You can do this with your Facebook and Twitter accounts currently... can it be done with foaf+ssl? I don't know... but it's situations like that where you need to be open to trying or providing alternative solutions that may, on the surface, seem less than ideal, but do solve the problem.

Curious to hear anyone else's experience implementing OpenID vs foaf+ssl.


You received this message because you are subscribed to the Google Groups "Diso Project" group.
To post to this group, send email to
To unsubscribe from this group, send email to
For more options, visit this group at

Chris Messina
Open Web Advocate, Google

Follow me on Buzz:
...or Twitter:

This email is:   [ ] shareable    [X] ask first   [ ] private

Steven Livingstone-Perez

Mar 6, 2010, 6:11:43 AM3/6/10

From recent discussions with a large client looking at SSO technologies, the problems are around adoption and work needed by RP’s (rather potential RP’s) rather than the technology itself. In fact even if you adopt such a technology, for it to be truly useful a number of your partners must also adopt it.


Basically independent of the technology it’s up to potential RP’s to engineer to supporting OpenID or some other related technology – it isn’t that they wish it were something better.


OpenID now has a significant wave of supporters and in the coming years it will likely evolve as we get feedback from those using on real commercial sites.


Still, that shouldn’t stop viable arguments that may help that evolution!




Reply all
Reply to author
0 new messages