Every now and then folks come along and suggest that foaf+ssl could solve all the same problems that OpenID solves, and in some capacities, it can do similar things.
I'm no expert on foaf+ssl, and appreciate the spirit of not inventing anything new.
However, for whatever reason, no one has yet built a social network (at least that I'm aware of) that is 1) successful and 2) based on foaf or similar RDF technologies. I'm waiting for it; would love to see it — but it just hasn't seemed to happen yet.
So, if I were agnostic about how we achieved decentralization or distribution, and foaf+ssl proved popular, I'd certainly be open to entertaining its use (disuse should also not indicate that it's a bad technology, but one does need to contemplate why that's the case).
At the end of the day — most of the success of these technologies actually comes down to user experience and solving people's problems. The tech is the least interesting (and actually, least difficult) part — there's a million ways to skin a cat. The only thing that ultimately matters when it comes to decentralizing the social web is getting widespread adoption — and therefore facilitating interoperability.
There are two issues that I think foaf+ssl doesn't address that have to do with user education:
1. most users don't grok the idea of an "identity provider", let alone the idea that they might have some little "bag of goodies" (foaf) on a server somewhere that they need to know how to address via HTTP(s).
2. on top of that problem, people need a solution that "just works" everywhere. Now, that's not to say that a technology like foaf+ssl couldn't be made to work everywhere, like OpenID, but ultimately it will take a plurality of solutions to address the needs that we have.
For example: how would you sign in to your Xbox using foaf+ssl? You can do this with your Facebook and Twitter accounts currently... can it be done with foaf+ssl? I don't know... but it's situations like that where you need to be open to trying or providing alternative solutions that may, on the surface, seem less than ideal, but do solve the problem.
Curious to hear anyone else's experience implementing OpenID vs foaf+ssl.