Friday, September 19, 2008

Geeking out at Web 2.0 Expo

I ducked out of the Finance 2.0 for Early Adopters session and dropped in on the Comet session.

Web Sockets in the HTML 5 specification supports bi-directional communication over a single socket.

With the HTML versin 5 spec the HTTP protocol can upgrade to WebSocket protocol enabling bi-directional flow between client and server over a single socket. This means it traverses firewalls easily and it eliminates the need for middleware components.

This was really just the warm up for me. The session I really wanted to see was Joseph Smarr, the Chief Platform Architect from Plaxo. He makes complex subjects clear and somehow manages to do that while talking at a rate of hundreds of words per minute. His talk is one of the last at the conference and addresses implementing the Open Web.

Joseph is going to talk about OpenID, OAuth, OpenSocial, PortableContacts and probably more. Plaxo has been on the forefront of the OpenWeb and portability of information, particularly address book information across the web. Their technology was attractive enough for them to be acquired by Comcast earlier this year for a rumored $150-170M. This talk will probably be similar to the one given to Google Developers back in May 2008.

This is a fast moving development space so it will be interesting to see how things have evolved since the first talk in April 2008 at the Web 2.0 Expo San Francisco.

Off we go......

"The Web is going social"

OpenI, Oauth, OpenSocial, Microformats.... Jabber is the forgotten standard that is a critical glue component around XMPP. Yes, the stream that Twitter keeps controlling.

"The Social Web of today is broken"

Each web site assumes they are the first to ever be social. Yet another silo gets created. Or they give up and become a widget inside Facebook.

Help is on the way....

New building blocks:

- Who I am

- Who I know

- What's going on

Who I am

Create a portable, durable online identity. On the web we pretend we have never met before. But that is changing.


- Sign up with an existing account

- Link and share your profile data between sites.

This is a powerful building block. You can build a trusted connection that allows you to share information between the sites.

AOL, Yahoo and soon MySpace are OpenID providers. Google also does this for some of their properties.

You can consolidate your identity though microformats using


Only I can put a me link on my web pages.

Most sites that ask for your home url and they add rel=me links. This allows the Social Graph to be trawled.

The advantage for site owners is that you don't need to get members to upload photo, videos and other content. Yet it can still be available to you.

This is an open standard so you can build this content on your own web sites.

Build and maintain real relationships

Contact APIs

- Find people from your current address book

- leverage previously established relationships.

Web mail address books have been the best source of information up to now.

Google, Yahoo and others have implemented these contact apis so you don't need to reveal your userid and password.


- Share private data between trusted sites.

This has been a big success in the last year. It is a standard way of granting access to another site.

The big advantage is that you can apply a scope to the access. It could limit the type of operations that are possible or the duration for which it is available.

Friends-List Portability

OAuth allows updating of your friends list. ie. Continuous discovery.

What's going on?


- Build social apps that can run anywhere.


- Syndicate your activity to share with others

- A general mechanism to share updates. Couple with OAuth to limit access via a protected channel.

Jabber (XMPP)

- Real time update stream between sites.

This is an inherently federated protocol. It is a core part of and

GNIP is a middleware provider that is making this easy for service providers.

How is this evolving?

- Emerging Identity Providers. The big portals are adopting these standards to retain users.

- Content Aggregators. As the number of site grow then a middleman acting as a discovery engine will be useful.

- Social Graph Providers. Leveraging friends lists.

XRDS-Simple - A simple service directory document.


This is a simple standard, similar to vCard and built on OpenSocial that enables the discovery of contact information. OpenSocial will integrate PortableContacts.

The Emerging Scenario is

OpenID to sign in.

Looks for X-XRDS-Location

XRDS-Simple to discover availablew APIs

WWW-Authenticate specifies OAuth

OAuth Discovery via XRDS provides OAuth endpoints.

After OAuth grants access users get a token that enables access.

This provides an end-to-end process for reaching a site and accessing contact information without requiring custom code to be developed for each site.

We are moving towards Write Once and Work.

While providers use different terms they support the same handshake:

- Facebook connect

- Myspace dataavailablity

- Yahoo Y!OS

- Google FriendConnect

- Plaxo Pulse

Facebook is the outlier - the only one not using standards. However they conceptualize the same way and could at somepoint swap out standards "under the hood."

Developers are advised to use the open stack. Once implemented it will be easy to adopt the same handshake process with Facebook.

Brady Forrest asked a great question: Usability with OpenID is an issue that "freaks out Grandmas"

The good point is that because the big players are using open standards the work they are now focusing on to improve usability will feed back in to the Open stack. Some good work is going on how to explain the process to users.


No comments:

Post a Comment