the diso project and the open web
TRANSCRIPT
The DiSo Project & The Open Web
Chris Messina Do it with Drupal
December 6, 2008New Orleans
@factoryjoe
#diwd
“Low hills closed in on either side as the train eventually crawled on to high, tabletop grasslands creased with snow. Birds flew at window level. I could see lakes of an unreal cobalt blue to the north. The train pulled into a sprawling rail yard: the Kazakh side of the Kazakhstan-China border.
. . .
“Workers unhitched the cars, lifted them, one by one, ten feet high with giant jacks, and replaced the wide-gauge Russian undercarriages with narrower ones for the Chinese tracks. Russian gauges, still in use throughout the former Soviet Union, are wider than the world standard. The idea was to the prevent invaders from entering Russia by train. The changeover took hours.”
— Robert D. Kaplan, The Ends of the Earth
☭
“Data is the new Intel Inside.”
Photo credit: Adam Tinworth
VS
VS
VS
The Open Web
the battle for the future of the social web has begun
it’s ultimately about freedom through ensuring your ability to choose
Walled Gardens
bands➽
college students➽
professionals➽
everyone!➽
everyone!➽
everyone!*➽
Service-centric design
Service-centric value
Source: Le Monde
Source: Mick Hagen (mickhagen.com)
the “web citizen”
the web citizen has identity
the web citizen has provenance
the web citizen has mobility
the web citizen has friends
the web citizen has enemies
the web citizen has agency
DiSo Concepts
Identity
zachklein.com
Access & Permissions
Basecamp
Plaxo Pulse (importing Flickr)
Flickr & Yahoo! Mash
Brightkite
Fire Eagle & Dopplr
Friends & Contacts
How much are your username and password worth?
wayn.com
imeem.com
PC Load Letter?! What the f...!
The Password Anti-pattern!
Passwords are not confetti.
And yet people throw them around as though they were.
Fortunately there’s a solution.
Dopplr
Messaging & Notifications
factoryjoe.com to walkah.com?
linkedin.com/mom to myspace.com/son
&facebook.com/daughter
???
factoryjoe.com to 504.581.1000?
etc
barackobama.com
DrupliBacon by Chrys
Group(ing)s & Affiliations
barackobama.com
epeus.blogspot.com
techcrunch.com
techcrunch.com
facebook.com
imagine drupal.org enabling people to “join” projects but
maintain their profiles elsewhere.
imagine these people listing the projects they’ve joined on their profiles.
imagine “joining” a project just by linking to it.
Activities & Activity Streams
actor verb object [context]
Chris tweeted Niches bitches! from SMS
Chris bought The Matrix from Amazon.com
Open Stack
the open stack is a series of building blocksfor enabling cross-site social networking
using non-proprietary formats and protocols
usability is issue #1
how does it work?
uservoice.com
conveniencefewer passwords
increasing industry support
MySpace, Google, Yahoo, AOL, Flickr, etc...
SREG
Attribute Exchange
Origin
London, England
consider using OAuth to enable third-party access to user data without requiring passwords
OAuth can also be used for user verification — similar to OpenID but without a claimed ID — you end up
with a token for the user
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US" xml:lang="en-US"> <head profile="http://gmpg.org/xfn/11"> <title> willnorris.com | managing identity </title> <meta http-equiv="content-type" content="text/html; charset=utf-8" /> <meta name="description" content="I’ve moved things around a bit… my blog is now located at /blog and my combined activity stream is now located here on the front page. On December 11, 2008 willnorris tweeted," by="accidental"" i="" meant="" that="" it="" a="" concious="" decision="" to="" add="" openid.="" intensedebate="" just="" happened="" to="" have="" it="" />
<link rel="stylesheet" type="text/css" href="http://willnorris.com/wordpress-content/themes/willnorris/style.css" />
<meta http-equiv="X-XRDS-Location" content="http://willnorris.com/?xrds" /> <meta http-equiv="X-Yadis-Location" content="http://willnorris.com/?xrds" />
<link rel="alternate" type="application/rss+xml" href="http://willnorris.com/feed" title="willnorris.com Posts RSS feed" /> <link rel="alternate" type="application/rss+xml" href="http://willnorris.com/comments/feed" title="willnorris.com Comments RSS feed" /> <link rel="pingback" href="http://willnorris.com/wordpress/xmlrpc.php" />
<?xml version="1.0" encoding="UTF-8" ?><xrds:XRDS xmlns:xrds="xri://$xrds" xmlns="xri://$xrd*($v*2.0)" xmlns:simple="http://xrds-simple.net/core/1.0" xmlns:openid="http://openid.net/xmlns/1.0"> <XRD xml:id="main" version="2.0"> <Type>xri://$xrds*simple</Type>
<!-- OpenID Consumer Service --> <Service priority="10"> <Type>http://specs.openid.net/auth/2.0/return_to</Type> <URI>http://willnorris.com/wordpress/wp-admin/users.php</URI> <URI>http://willnorris.com/wordpress/wp-admin/profile.php</URI> <URI>http://willnorris.com</URI> <URI>https://willnorris.com/wordpress/wp-login.php</URI> </Service>
<!-- Identity in the Browser Login Service --> <Service priority="10"> <Type>http://specs.openid.net/idib/1.0/login</Type> <URI simple:httpMethod="POST">https://willnorris.com/wordpress/wp-login.php</URI> </Service>
<!-- Identity in the Browser Indicator Service --> <Service priority="10"> <Type>http://specs.openid.net/idib/1.0/indicator</Type> <URI>http://willnorris.com/wordpress/?openid_check_login</URI> </Service>
<!-- Email Address to URL Transformation Mapper --> <Service priority="10"> <Type>http://specs.eaut.org/1.0/mapping</Type> <URI>http://willnorris.com/wordpress/?eaut_mapper=1</URI> </Service>
<!-- OpenID Provider Service (0) --> <Service priority="0"> <Type>http://specs.openid.net/auth/2.0/signon</Type> <Type>http://openid.net/extensions/sreg/1.1</Type> <Type>http://openid.net/sreg/1.0</Type> <URI>http://willnorris.com/wordpress/?openid_server=1</URI> <LocalID>http://willnorris.com/author/will/</LocalID> </Service>
<!-- OpenID Provider Service (1) --> <Service priority="1"> <Type>http://openid.net/signon/1.1</Type> <Type>http://openid.net/extensions/sreg/1.1</Type> <Type>http://openid.net/sreg/1.0</Type> <URI>http://willnorris.com/wordpress/?openid_server=1</URI> <openid:Delegate>http://willnorris.com/author/will/</openid:Delegate> </Service>
<!-- AtomPub Service --> <Service priority="10"> <Type>http://www.w3.org/2007/app</Type> <MediaType>application/atomsvc+xml</MediaType> <URI>http://willnorris.com/wordpress/wp-app.php/service</URI> </Service> </XRD></xrds:XRDS>
Drupal should advertise all of its available services and their respective endpoints
using XRDS-Simple
Drupal should also advertise all of a user’s specific services
using XRDS-Simple
Portable Contacts
bring your friends with you and take them with you
when you leave
vcard + OpenSocial schema
Baked into OpenSocial v0.8
This is 50% of the solution to the password anti-pattern.
The other 50% is OAuth.
Fortunately, PoCo requires OAuth.
For Drupal sites that want to enable people to invite
their friends in a safe way, PoCo is the solution
For user profile schema, Drupal should use the PoCo schema to
achieve wide compatibility
test harnesshcard to vcard to PoCo
Plaxo is an early PoCo provider
<?xml version="1.0" encoding="UTF-8"?><xrds:XRDS xmlns:xrds="xri://$xrds" xmlns:openid="http://openid.net/xmlns/1.0" xmlns="xri://$xrd*($v*2.0)"> <XRD version="2.0"> <Type>xri://$xrds*simple</Type> <Service> <Type>http://portablecontacts.net/spec/1.0</Type> <URI>http://pulse.plaxo.com/pulse/pdata/contacts</URI> </Service> <Service priority="0"> <Type>http://specs.openid.net/auth/2.0/signon</Type> <Type>http://openid.net/sreg/1.0</Type> <Type>http://openid.net/extensions/sreg/1.1</Type> <Type>http://schemas.openid.net/pape/policies/2007/06/phishing-resistant</Type> <Type>http://openid.net/srv/ax/1.0</Type> <URI>http://www.myopenid.com/server</URI> <LocalID>http://brian.myopenid.com/</LocalID> </Service> </XRD></xrds:XRDS>
ATOM
of course we need feeds.
ATOM pubsub
some challenge with XML-RPC and OAuth
Consider wider support for publishing to Drupal with ATOM
but webpages can be feeds too!
And as we saw with the jQuery talk, you can do powerful stuff with just HTML and javascript!
hCard for peoplehCalendar for events
XFN for identity & social graphshAudio for music
...etc...
<a href=“http://factoryjoe.com” >My site</a><a href=“http://brynnevans.com” >Brynn</a>
<a href=“http://factoryjoe.com” rel=“me”>My site</a><a href=“http://brynnevans.com” rel=“friend met sweetheart”>Brynn</a>
paved cowpaths of microformats
Source: Paul Downey. Shared under Creative Commons.
it’s good for search enginesand it’s good for designers
why not for Drupal?
Start with syndicating structured data in ATOM
using microformats
Microformats complement other semantic efforts within Drupal.
Start with POSH.
activitystrea.ms
<entry> <id>tag:photopanic.example.com,2008:activity01</id> <title>Geraldine posted a Photo on PhotoPanic</title> <published>2008-11-02T15:29:00Z</published> <link rel="alternate" type="text/html" href="/geraldine/activities/1" /> <activity:verb> http://activitystrea.ms/schema/1.0/post </activity:verb> <activity:object> <id>tag:photopanic.example.com,2008:photo01</id> <title>My Cat</title> <published>2008-11-02T15:29:00Z</published> <link rel="alternate" type="text/html" href="/geraldine/photos/1" /> <activity:object-type> tag:atomactivity.example.com,2008:photo </activity:object-type> <source> <title>Geraldine's Photos</title> <link rel="self" type="application/atom+xml" href="/geraldine/photofeed.xml" /> <link rel="alternate" type="text/html" href="/geraldine/" /> </source> </activity:object> <content type="html"> <p>Geraldine posted a Photo on PhotoPanic</p> <img src="/geraldine/photo1.jpg"> </content></entry>
machine tags?
filtering, coalescing, search, automation
Drupal & DiSo
oauthopenid
services
openidoauthpoco
discovery
groupspubsub
legal frameworkUX design
need help on oauthxrds-simple
permissions framework
Parting Thought
fin.
me -› factoryjoe.com