B. Mann Consulting

I'm helping out the local Vancouver Facebook Developer Garage event this coming Tuesday by running a "Future of Facebook" Q&A. Johnny Bufu of SXIP will be on hand to lend expertise around portable social networks, especially regarding identity, OpenID, the OpenID Attribute Exchange extension, and related tech.

The timing and title of this talk is interesting: there is an "all hands" meeting at Facebook on Tuesday, so the rep from Facebook that was supposed to attend can't make it. There is much speculation here, everything from "Microsoft will buy them" to "Facebook is worth $15 Billion". It will be fun to talk some of this through live at the event, but I'll mainly try and jockey live audience discussion, not do my own pontification.

It has been most interesting, with the "rise of Facebook", to see its vast spread into "non techies". Indeed, that's where *I've* found it to add real utility: since so many people are on there, both organizing events and seeing what people are up to "in the real world" has become much simpler, and has led to more in person meetings, for me at least. Pointing the way what a ubiquitous, interoperable identity infrastructure on the web could enable?

Some other preparatory material for such a discussion is this video of an interview of Mark Zuckerberg interviewed by John Batelle at the Web 2.0 Summit.

The event is this Tuesday at VFS starting at 5:30pm, full event details on Facebook, of course :P

Scott Kveton does a bit of a round up of what some folks are working on a technical level with portable social networking, in and around OpenID and some loose markup.

He takes what, in my opinion, is a bit of a cut against Attribute Exchange:

Also, attribute exchange doesn’t solve the portable social networking component although I imagine it could be hacked up to do so.

Sorry, Scott, when you use phrases like "hacked up", I take issue. Frankly, I would never have gotten on board with OpenID if I didn't see AX on the horizon as the logical conclusion of the SREG stop gap.

AX is an extensible system that will be able to pass many different kinds of information back and forth between systems. It has the same decoupled nature that OpenID has. Different sites can loosely couple by doing nothing more than using the same keys to define different sets of attributes. Why, exactly, would one NOT use this? In theory, one could do something as simple as host an agreed upon list of attributes -- based on FOAF, XFN, or for that matter any one of them in their own namespaces or with mapping between them.

I mean, we implemented syncing of user profiles using Drupal's simple distributed authentication + FOAF *3 years ago*. Working with SXIP in their various protocol incarnations, DIX, and finally the merging into OpenID and AX has all been part of the process of consensus around standards.

Attribute Exchange is a flexible, extensible base on which to implement many use cases around data exchange for user profiles and related information. Any solution around portable social networking should use this at its base, and the OpenID community should move to finalize the extension and move forward to building cool sh*t on top of it.

So, everyone is writing about the Google Apps Premier Edition. Lots of partners have announced services that integrate with Google Apps today -- see the Google Enterprise Solutions gallery for what's available today.

I've complained before about Google's messed up identity system (it's not fixed yet). And it looks like SXIP is now doing the same thing that it provides for Salesforce: identity management.

I've pinged the folks at SXIP to find out more. Their press release points to SXIP Access, which is their, dare I say it, "previous" solution vs. the OpenID bandwagon? Or maybe not?

Update: I got the scoop from Lori Pike at SXIP: "At this point in time there's no relation between [SXIP Access] and OpenID or SXIP 2.0/DIX." -- and likely there will be a blog post that explains a bit more.

I did a much longer recap/announcement over on my Bryght blog, but wanted to point to some people specifically. I had a great time and it was good to see so many people out.

Scott Hadfield wins the prize for actually OpenID-enabling his blog in real time (and for his bizarro domain name :P).

My site here does have delegation headers for my home.bryght.com account (Simon Willison has good instructions for the OpenID 1.1 format here), but it won't work most places until we get our code updated with the OpenID 1.1 backwards compatability. 

I think Rob of jayandsilentrob.com wins the prize for most errors/frustration encountered in trying to get his site delegating. I realized as we were all clustered around trying to test delegation with various systems....that there are still very few "large" sites that you can just do login with...besides random blog comments. Definitely more work needed here. Oh, and Rob has an event coming up here in Vancouver for tech types (Rob, looked for it in upcoming and couldn't find it...post/email and I'll update this).

Coming up January 17th, 2007 (next Wednesday, if you're reading this in current day blogtime), SXIP is hosting the Vancouver incarnation of an OpenID MashPit event. Here's the scoop:

Want to learn more about OpenID 2.0 and spend an evening hacking on the new code? Join Sxip at the OpenID 2.0 Mash Pit evening in the New Year in Vancouver. There will be simultaneous events that night in Portland and other locations, with a live webcast amongst us. OpenID is an emerging Identity 2.0 standard for exchanging identity data on the internet. This is for people to come and hack on OpenID 2.0 and figure out how to make it work for their sites or applications.

We'll do a brief introduction on OpenID 2.0 and the new stuff you can do with it such as attribute exchange with the email verification service, followed by 5 minute lightening talks on whatever you want to demo or talk about and then break out into small groups to help people actually dig into the "doing" of OpenID enabling their site. The goal? More hacking, less talking.

Scott Kveton announced the OpenID Code Bounty at OSCON today:

Integrate OpenID into your open source project and we’ll give $5,000 to your project.

We’ve seen OpenID really start to gain some momentum over the past couple of months and this Bounty program is really the exclamation point on that. There is a great list of sponsors for the program that includes people, organizations and businesses focused on building a simple, light-weight and decentralized user-centric identity platform around OpenID. Working with all of these people over the last couple of weeks has proven to me that convergence is really happening around OpenID.

I wasn't really a fan of the "original" OpenID spec. That is, it worked great, but only solved single sign-on. Then the Simple Registration Protocol, or SRP, got kludged in. This supports only 9 -- and exactly 9 -- attributes, and is not extensible. So, colour me firmly in the SXIP camp at this point.

Referencing Caterina's It's a bad time to start a company list, Jeff Griffiths figures that being in Vancouver actually helped with Flickr's success beyond the not-in-the-valley stealth mode that being in Canada imparts:

I would go even further and say that one of the critical success factors for Flickr *was* that they were not just 'toiling in obscurity', but that they were IN Vancouver. Up here we have lots of talent, a relatively low cost of living ( compared to the valley at least ), and all sorts of added lifestyle bonuses that San jose will never beat ( climbing / biking / snowboarding / music ).

And for Flickr in particular, a major part of their early success was a loyal local following of users; witness the hugeness of the Vancouver tag. I would smugly theorize that Flickr's ability to find their users was helped in a large way by their being in Vancouver, a city that seems to breed tech-obsessed shutterbugs more than most places.

I dunno, I think it's probably a bad time to start a company in San Jose, but it's hard to say when that would ever be true given Caterina's qualifications. Vancouver, on the other hand, seems to be a fine place to ( re ) start a company...

Jeff is currently toiling in obscurity over at the newly re-vivified Active State. They've got new offices lined up in the UK Building right above our de-facto Innovation Commons at Take 5 Cafe.

Re: talent. This is one of my major concerns: make it clear to worldwide talent that Vancouver is a great place to live (not hard) and that there are lots of companies doing interesting things here (harder). This is something I've talked at length with Zak Greant of EZ Systems, who's in the process of getting a larger EZ presence set up here in Van-groovy. Looks like he's still looking for a Sales Director and a Senior Project Manager (Matt Everard, the project manager position is one that would be a good fit for you...bug Zak about it).

Andre said something about wanting some more AJAX-y JavaScript experts for eBusiness Apps, makers of fine AJAX components. And you'll probably learn how to take Fridays off and go skiing.

The guys at The Level combine many of my most hated distasteful words: Java, Enterprise, Portal, and Proprietary. BUT, I met with them the other day, they have a killer office looking out over the Granville/Burrard bridges, are great guys, and are working on some seriously cool stuff. Java/XSLT experts, apply within.

Identity 2.0? SXIP has work.

So, just a selection of cool Vancouver companies doing interesting, cutting edge stuff -- I'm sure there are more. Now all we need is a Sun research center overseen by Tim and Lauren, or maybe a Google North.

Move up to Vancouver and start a company, already! (or join one of the ones above).

It was my great pleasure to meet the three guys from ClipperZ (The image is a little blurry, but that's because I had them shout "Identity 2.0" when I took the picture :P).

We sat down for several hours to discuss Identity 2.0 and some of their thoughts on blog owner centric vs. comment maker centric systems, talking mainly about SXORE (Marco has a post with SXORE feedback) and coComment. No comments from the SXORE team on that post, although Bryan Rieger found it. Go Vancouver people!

In any case, they are thinking about portable reputation (or maybe federated reputation would be a better phrase) as an initial application that can be built on top of Identity 2.0 systems. A reputation manager (a reputation provider? store?) would support multiple identity systems for authentication, and also share reputation with other reputation managers. This would initially be based on some very simple metrics, like perhaps whether or not a comment was approved, but certainly could support multiple other values (which gets quickly into a discussion about designing karma systems, perhaps, although it would depend on the feedback loops involved). Definitely subscribe to their blog if you want to keep up with what these guys are up to.

The other exciting thing I found was that here was a new "Web 2.0" style startup company based in Italy that had a lot more in common with Vancouver or San Francisco than anything else I had seen up to that point in Italy. We discussed the difficulties and benefits of a distributed team (although they are all in Italy, they live in different towns), and the usual roundup of tools -- they tried Basecamp but ended up using Trac, their user interaction diagrams are in OmniGraffle, we discussed Campfire vs. Skype bookmarked chats, or perhaps a Jabber multi-user chatroom.

It's nice to see such interesting things happening in Europe, and I have more of an interest in cross-pollination with European companies and clients than I do in jumping down into the scrum in Silicon Valley. I'm already scheming what the next European event will be: perhaps a BarCamp Brussels? Could be organized around Euro OSCON 2006 at the end of September 2006 (the Call for Participation deadline is March 6th).

I bumped into coComment finally. It's an interesting idea, almost identical in its end results to SXORE (which should be more officially launching this week, I think). But, the way it works and why you might want to use it is highly different.

coComment gives you a little "bookmarklet" to drag to your toolbar, and you click it whenever you see a comment box you want to leave a comment in. It sends your comment back to the central coComment server and you can of course track things via RSS and all that good stuff. The comment still lives in the original spot on the original blog...it just happens to be tracked centrally as well.

How is this different than SXORE? Well, at it's core, SXORE is based on identity, and could replace/augment the user login process of many types of systems. coComment is more of an overlay system, however at the end of the day it is tied to your coComment username, which is also an identity of sorts. What would be really interesting is if coComment actually begins SXIP-enabled -- that your coComment username is one of your identities, with which you could login to all sorts of things.