The Open, Social Web Workshop

50 %
50 %
Information about The Open, Social Web Workshop
Technology

Published on July 21, 2009

Author: factoryjoe

Source: slideshare.net

Description

Presented by Chris Messina (OpenID Foundation), David Recordon (Six Apart), Joseph Smarr (Plaxo). As evidenced by Barack Obama’s successful presidential campaign, we have clearly entered the age of the social web. This developer-oriented workshop will emphasize the use and application of free, open building blocks for enabling social networking features on your site or service, and provide illuminating insights from some of the key figures creating these technologies.

http://en.oreilly.com/oscon2009/public/schedule/detail/8575

THE OPEN, SOCIAL WORKSHOP Chris Messina • David Recordon • Joseph Smarr • OSCON • July 20, 2009 • San Jose, CA

Who are we? chrismessina daveman692 jsmarr *Photo by termie

Who are you?

W E L C O M E TO TH E S OCIAL WEB

It begins with Web 2.0

“Web 2.0 is the network as platform, spanning all connected devices; Web 2.0 applications are those that make the most of the intrinsic advantages of that platform: delivering software as a continually-updated service that gets better the more people use it, consuming and remixing data from multiple sources, including individual users, while providing their own data and services in a form that allows remixing by others, creating network effects through an “architecture of participation,” and going beyond the page metaphor of Web 1.0 to deliver rich user experiences.” — Tim O’Reilly, Web 2.0: Compact Definition? Photo by Dan Farber

“Web 2.0 is the business revolution in the computer industry caused by the move to the internet as platform, and an attempt to understand the rules for success on that new platform. Chief among those rules is this: Build applications that harness network effects to get better the more people use them. (This is what I’ve elsewhere called ‘harnessing collective intelligence.’)” — Tim O’Reilly Photo by Dan Farber

Tim O’Reilly’s five rules The perpetual beta becomes a process for engaging customers. Share and share-alike data, reusing others’ and providing APIs to your own. Ignore the distinction between client and server. On the net, open APIs and standard protocols win. Lock-in comes from data accrual, owning a namespace or non-standard formats.

“So what’s the seminal development that’s ushering in the era of Web 3.0? It’s the real arrival, after years of false predictions, of the thin client, running clean, simple software, against cloud-based data and services. The poster children for this Bullshit. new era have been the Apple iPhone and iPod Touch, which have sold 37 million units in less than two years and attracted 35,000 apps and one billion app downloads in just nine months.” — Walt Mossberg and Kara Swisher, Welcome to Web 3.0

Bullshit.

“After all, Web 2.0 was not a new version of the web, but a name that tried to capture what distinguished the companies that survived the dotcom bust from those that survived, and point the way forward for new companies entering the market.” — Tim O’Reilly, responding to Mossberg and Swisher Photo by Dan Farber

Building blocks of the social web

Who I am Who I know What’s going on

Identity Relationships Activities

Identity

Relationships

Activities

Trends

The rise of social networking Photo by Mike Wooldridge

WWW

WWW icons by iconaholic.com

? ? ? ? WWW ? ? ? ? icons by iconaholic.com

The iPhone era

Everyware computing

Everyware computing

DATA INSIDE! “It’s like flying on an iPhone!” Photo by Sathish J

Growing comfort with real identity

Growing comfort with real identity

Developer tools focusing on social

Tim O’Reilly’s five rules The perpetual beta becomes a process for engaging customers. Share and share-alike data, reusing others’ and providing APIs to your own. Ignore the distinction between client and server. On the net, open APIs and standard protocols win. Lock-in comes from data accrual, owning a namespace or non-standard formats. Photo by Dan Farber

Tim O’Reilly’s five rules The perpetual beta becomes a process for engaging customers. Share and share-alike data, reusing others’ and providing APIs to your own. Ignore the distinction between client and server. On the net, open APIs and standard protocols win. Lock-in comes from data accrual, owning a namespace or non-standard formats. Photo by Dan Farber

• facebook.com/chrismessina • friendfeed.com/chrismessina • google.com/profiles/chrismessina • twitter.com/chrismessina

• facebook.com/chrismessina • friendfeed.com/chrismessina • google.com/profiles/chrismessina • twitter.com/chrismessina

@chrismessina

/chrismessina

http://twitter.com/chrismessina

http://facebook.com/chrismessina

Etc.

Mazlow’s Hierarchy of Needs morality, creativity, spontaneity, problem solving, lack of prejudice, Self-actualization acceptance of facts self-esteem, confidence, achievement, respect of others, Esteem respect by others friendship, family, sexual intimacy Love/belonging security of: body, employment, resources, Safety morality, the family, health, property breathing, food, water, sex, sleep, homeostasis, excretion Physiological

People want to share and be connected “Of the 1.1 billion people age 15 and older worldwide who accessed the Internet from a home or work location in May 2009, 734.2 million visited at least one social networking site during the month, representing a penetration of 65 percent of the worldwide Internet audience. [...] “Social networking has become a popular online pastime not only in mature Internet markets like North America, but also in developing, high-growth Internet markets such as Russia,” said Mike Read, SVP & managing director, comScore Europe. “In a country as geographically large as Russia, social networking represents a way of connecting people from one corner of the country to the other. The highly engaged behavior of social networkers in Russia offers significant opportunity for marketers and advertisers seeking to reach these audiences.” — comScore, July 2, 2009 *Source: comScore

B UI L DI N G O N TH E S OCIAL WEB

How is building today different?

Patterns

On-ramps for new users

Photo by Bridget AMES

nID Logo - Revision 3 Client: OpenID Foundation 2007-11-26 Prepared by: Randy Reddig S

Demo!

Large US OpenID Providers • AOL • Google • Microsoft (in “developer preview”) • MySpace • Yahoo!

Creating your own OpenID Provider factoryjoe.com +

Using the WordPress OpenID plugin <html> <head> <link rel="openid2.provider" href="http://factoryjoe.com/openid/server" /> <link rel="openid2.local_id" href="http://factoryjoe.com /author/admin/" /> <link rel="openid.server" href="http://factoryjoe.com/openid/server" /> <link rel="openid.delegate" href="http://factoryjoe.com /author/admin/" /> </head> <body> ... </body> </html>

Delegating to MyOpenID <html> <head> <link rel="openid2.provider" href="https://www.myopenid.com/server" /> <link rel="openid2.local_id" href="https://factoryjoe.myopenid.com/" /> <link rel="openid.server" href="https://www.myopenid.com/server" /> <link rel="openid.delegate" href="https://factoryjoe.myopenid.com/" /> </head> <body> ... </body> </html>

OpenID Usability

factoryjoe

user@email.com

friendster

Hotmail

elderly

I HATE YOU!!!!!!!!!!!!!!!!!!!!!!!!LADY GAAAGGG

Previous attempts

Emerging work: pop-up flow (shipped by Facebook, Google and JanRain)

http://boogle.com Courtesy Balsamiq

http://boogle.com

http://boogle.com http://boogle.com/signin

http://boogle.com

http://boogle.com/#finish Welcome back, Chris Sign out

The NASCAR Problem Photo by Timothy Vogel

• What’s your address?

• What’s your address? • What’s your phone number?

• What’s your address? • What’s your phone number? • What’s your AOL screenname?

• What’s your address? • What’s your phone number? • What’s your AOL screenname? • What’s your email address?

• What’s your address? • What’s your phone number? • What’s your AOL screenname? • What’s your email address? • What’s your MySpace?

• What’s your address? • What’s your phone number? • What’s your AOL screenname? • What’s your email address? • What’s your MySpace? • Twitter?

• What’s your address? • What’s your phone number? • What’s your AOL screenname? • What’s your email address? • What’s your MySpace? • Twitter? • Are you on Facebook?

• What’s your address? • What’s your phone number? • What’s your AOL screenname? • What’s your email address? • What’s your MySpace? • Twitter? • Are you on Facebook? • What’s your OpenID?

Break

Adding teh social

The Password Anti-pattern

Stopping ReFriend Madness

As Simple as JavaScript

Increasing engagement by *connecting

Anatomy of “Connect” • Profile (identity, accounts, profiles) • Relationships (followers, friends, contacts) • Content (posts, photos, videos, links) • Activity (poked, bought, shared, blogged) • Goal: Discovery of people and content

Viewing Virtuous Cycle of Sharing Sharing

Portable Contacts API • Simple JSON API for sharing, filtering and searching contacts between social web sites. • Implemented as a part of OpenSocial and thus deployed on large sites such as MySpace. • Integrated with OpenID and OAuth in Gmail.

{ "startIndex": 10, "itemsPerPage": 10, "totalResults": 12, { "id": "703887", "displayName": "Mark Hashimoto", "name": { "familyName": "Hashimoto", "givenName": "Mark" }, "birthday": "0000-01-16", "gender": "male", "drinker": "heavily", "tags": [ "plaxo guy" ], "emails": [ { "value": "mhashimoto-04@plaxo.com", "type": "work", "primary": "true" }, { "value": "mhashimoto@plaxo.com", "type": "home" } ],

"value": "http://sample.site.org/photos/12345.jpg", "type": "thumbnail" } ], "ims": [ { "value": "plaxodev8", "type": "aim" } ], "addresses": [ { "type": "home", "streetAddress": "742 Evergreen TerracenSuite 123", "locality": "Springfield", "region": "VT", "postalCode": "12345", "country": "USA", "formatted": "742 Evergreen TerracenSuite 123nSpringfield, VT 12345 USA" } ], "accounts": [ { "domain": "plaxo.com", "userid": "2706" } ] } ] }

{ "id": "1", "name": "Chris Messina", "urls": [ { "value": "http://factoryjoe.com/blog", "type": "blog" } ] }, { "id": "2", "name": "Joseph Smarr", "emails": [ { "value": "joseph@plaxo.com", "type": "work", "primary": "true" }, { "value": "jsmarr@gmail.com", "type": "home" } ], } } filterBy=name&filterOp=startswith&filterValue=Chr

{ "id": "1", "name": "Chris Messina", "urls": [ { "value": "http://factoryjoe.com/blog", "type": "blog" } ] } } filterBy=name&filterOp=startswith&filterValue=Chr

{ { "id": "2", "name": "Joseph Smarr", "emails": [ { "value": "joseph@plaxo.com", "type": "work", "primary": "true" }, { "value": "jsmarr@gmail.com", "type": "home" } ], } } filterBy=email&filterOp=contains&filterValue=plaxo.com

Google’s Social Graph API

Discovery in the cloud

c: icon by Seedling Design

http:// icon by Seedling Design

http:// icons by Seedling Design and Fast Icon

http:// icons by Seedling Design, etc

factoryjoe.com icons by Seedling Design

Emerging Work! XRD + LRDD

OpenID <?xml version="1.0" encoding="UTF-8"?> <xrds:XRDS xmlns:xrds="xri://$xrds" xmlns:openid="http://openid.net/xmlns/1.0" xmlns="xri://$xrd*($v*2.0)"> <XRD> <Service priority="0"> <Type>http://specs.openid.net/auth/2.0/signon</Type> <Type>http://openid.net/sreg/1.0</Type> <Type>http://openid.net/extensions/sreg/1.1</Type> <Type>http://schemas.openid.net/pape/policies/2007/06/phishing-resistant</Type> <Type>http://schemas.openid.net/pape/policies/2007/06/multi-factor</Type> <Type>http://schemas.openid.net/pape/policies/2007/06/multi-factor-physical</Type> <URI>https://pip.verisignlabs.com/server</URI> <LocalID>https://recordond.pip.verisignlabs.com/</LocalID> </Service> </XRD> </xrds:XRDS>

Portable Contacts <?xml version="1.0" encoding="UTF-8"?> <xrds:XRDS xmlns:xrds="xri://$xrds" xmlns:openid="http://openid.net/xmlns/1.0" xmlns="xri://$xrd*($v*2.0)"> <XRD version="2.0"> <Type>xri://$xrds*simple</Type> <Service> <Type>http://portablecontacts.net/spec/1.0</Type> <URI>http://pulse.plaxo.com/pulse/pdata/contacts</URI> </Service> <Service priority="0"> <Type>http://specs.openid.net/auth/2.0/signon</Type> <Type>http://openid.net/sreg/1.0</Type> <Type>http://openid.net/extensions/sreg/1.1</Type> <Type>http://schemas.openid.net/pape/policies/2007/06/phishing-resistant</Type> <Type>http://openid.net/srv/ax/1.0</Type> <URI>http://www.myopenid.com/server</URI> <LocalID>http://brian.myopenid.com/</LocalID> </Service> </XRD> </xrds:XRDS>

How it works

Data access with OAuth

A protocol for developing password-less APIs. Your valet key for the web.

Advanced OAuth Wrangling Kellan Elliott-McCrea XTech 2008: The Web on the Move http://www.slideshare.net/kellan/advanced-oauth-wrangling

On the desktop

4D56

On the phone

chris@domain.com ••••••••

The OpenID/OAuth Hybrid

+

TOC 8. Requesting Authentication When requesting OpenID Authentication via the protocol mode "checkid_setup" or "checkid_immediate", this extension can be used to request that the end user authorize an OAuth access token at the same time as an OpenID authentication. This is done by sending the following parameters as part of the OpenID request. (Note that the use of "oauth" as part of the parameter names here and in subsequent sections is just an example. See Section 5 for details.) openid.ns.oauth REQUIRED. Value: "http://specs.openid.net/extensions/oauth/1.0". openid.oauth.consumer REQUIRED. Value: The consumer key agreed upon in Section 7 . openid.oauth.scope OPTIONAL. Value: A string that encodes, in a way possibly specific to the Combined Provider, one or more scopes for the OAuth token expected in the authentication response. TOC 9. Authorizing the OAuth Request If the OpenID OAuth Extension is present in the authentication request, the Combined Provider SHOULD verify that the consumer key passed in the request is authorized to be used for the realm passed in the request. If this verification succeeds, the Combined Provider SHOULD determine that delegation of access from a user to the Combined Consumer has been requested. The Combined Provider SHOULD NOT issue an approved request token unless it has user consent to perform such delegation. TOC 10. Responding to Authentication Requests If the OpenID authentication request cannot be fulfilled (either in failure mode "setup_needed" or "cancel" as in Sections 10.2.1 and 10.2.2 of [OpenID] ) then the OAuth request SHOULD be considered to fail and the Provider MUST NOT send any OpenID OAuth Extension values in the response. The remainder of this section specifies how to handle the OAuth request in cases when the OpenID authentication response is a positive assertion (Section 10.1 of [OpenID] ). If the end user does wish to delegate access to the Combined Consumer, the Combined Provider MUST include and MUST sign the following parameters. openid.ns.oauth REQUIRED. Identical value as defined in Section 8 . openid.oauth.request_token REQUIRED. A user-approved request token. openid.oauth.scope OPTIONAL. A string that encodes, in a way possibly specific to the Combined Provider, one or more scopes that the returned request token is valid for. This will typically indicate a subset of the scopes requested in Section 8 . To note that the OAuth Authorization was declined or not valid, the Combined Provider SHALL only respond with the parameter

2 Clicks Demo!

What Plaxo found • Better for the user: higher success rate with no password anti-pattern • Better for the provider: Happy users and no automated data scraping • Better for the site: Higher conversion rate; more informed social graph

An Open Stack is emerging

Evolving the Open Stack Mashups OpenSocial Attributes OpenID/AX ... Contacts Portable Contacts Authentication OpenID/Auth Access Control OAuth Metadata Discovery YADIS, XRDS-Simple, XRD Unique Identifiers URLs, email addresses As proposed by Johannes Ernst

Success stories

“We launched OpenID in March 2008 with Highrise. About 15% of the logins are now using OpenID.” — David Heinemeier Hansson, 37Signals

“Deployments for their customers – Twitter and Songbird – are seeing OpenID utilization of 20% or more.” — Eirc Eldon, VentureBeat

ReadWriteWeb ReadWriteTalk Enterprise Jobwire About Subscribe Co RSS RWW Da Your em RSS RWW W Your em Search ReadWriteWeb Home Products Trends Best of RWW Archives Comcast Property Sees 92% Success Rate With New Mobile retail software designed for in-store ret OpenID Method counting, receiving etc. Written by Marshall Kirkpatrick / February 10, 2009 2:33 PM / 22 Comments « Prior Post Next Post » www.handpoint.com Dell Business Comput The most-watched geek event of the day has to be the OpenID UX Business Computer Pow (User Experience) Summit, hosted at the Facebook headquaters. The Core™ 2 Duo On Sale www.nz.dell.com most discussed moment of the day will surely be the presentation by Comcast's Plaxo team. New Zealand Site Features 130,000 Memb Plaxo and Google have collaborated on an OpenID method that may It's So Popular! www.smilecity.co.nz represent the solution to OpenID's biggest problems: it's too unknown, it's too complicated and it's too arduous. Today at the User Experience Summit, Plaxo announced that early tests of its new OpenID login system had a 92% success rate - unheard of in the industry. OpenID's usability problems appear RWW SPONSORS closer than ever to being solved for good. This experimental method refers to big, known brands where users were already logged in, it requires zero typing - just two clicks - and it takes advantage of the OpenID authentication opportunity to get quick permission to leverage the well established OAuth data swap to facilitate immediate personalization - at the same time, with nothing but 2 clicks required of users. Plaxo, primarily known for the noxious flood of spam emails it delivered in its early days, is now an online user activity data stream aggregator owned by telecom giant Comcast. The Plaxo team has been at the forefront of the new Open Web paradigm best known for the OpenID protocol.

*Source: Janrain OpenID adoption across the web continues to grow

UserVoice Identity Providers Source: Janrain - Why Websites Should Accept Multiple Third Party Identity Account Logins

Interscope Identity Providers Source: Janrain - Why Websites Should Accept Multiple Third Party Identity Account Logins

sulit.com.ph Identity Providers Source: Janrain - Why Websites Should Accept Multiple Third Party Identity Account Logins

G E T T I N G INVOLVED & C O N TR IBUT IN G

Open source in the cloud era

Yoism: the world’s first open source religion

“The price of freedom is eternal vigilance.” —thomas jefferson

our ^ “The price of freedom is eternal vigilance.” —thomas jefferson

Patents, trademarks and copyright

Joining communities

• OpenID Foundation • Open Web Foundation • OpenSocial Foundation • Partuza Project/Shindig • Activity Streams • Microformats • Diso Project

Libraries, frameworks & resources

• Partuza.nl • Shindig • Diso Project • oauth.net/code • Pinax

C O N C L U SION

The open, social web is being built on standards that are free to implement and that encourage competition at the layer of service and user experience.

Q & A

Add a comment

Related presentations

Presentación que realice en el Evento Nacional de Gobierno Abierto, realizado los ...

In this presentation we will describe our experience developing with a highly dyna...

Presentation to the LITA Forum 7th November 2014 Albuquerque, NM

Un recorrido por los cambios que nos generará el wearabletech en el futuro

Um paralelo entre as novidades & mercado em Wearable Computing e Tecnologias Assis...

Microsoft finally joins the smartwatch and fitness tracker game by introducing the...

Related pages

OpenSocial Foundation Moves Standards Work to W3C Social ...

W3C and the OpenSocial Foundation ... which defines the technical standards and APIs to facilitate access to social functionality as part of the Open Web ...
Read more

W3C Workshop on the Future of Social Networking

The W3C organized a Workshop on the Future of Social Networking, ... Open and Privacy-aware Social Web (Dec 2010). Read the workshop report ...
Read more

CEUR-WS.org/Vol-405 - Social Data on the Web 2008

... Open Standards for the Social Web ... Proceedings of the First Social Data on the Web Workshop ... ISSN 1613-0073, online CEUR-WS.org/Vol-405 ...
Read more

Social Media Marketing Workshop | Open ... - UC San Diego

Open Enrollment Social Media Workshop; Certificate Programs; Open Enrollment; ... Here are the instructions how to enable JavaScript in your web browser. ...
Read more

Open Data und Schule: Über den Nutzen offener Daten

... u. a. zuständig für den Web-Auftritt, Social Media und das Open Data ... bei Nationaler Aktionsplan Open Data: Bericht vom Meilenstein-Workshop ...
Read more

Social Networking Workshop | COMSNETS 2017

Since the information contributed by users in social sensing applications is usually open ... web-based social networks. This workshop ... Web; Social ...
Read more

Invitation & CfP Federated Social Web Europe 2011 ...

... and open data, this Social Web is ... Research on user behavior and privacy in social networks. The workshop is expected to attract a broad set ...
Read more

WWW2006 - Workshops

Workshops. The role of the workshop track in ... the social Web or also the two ... that then spread on the open web. The goal of this workshop is to ...
Read more

Workshop | Open Media Web

W3C announced a Fourth W3C Web and TV Workshop: Web and TV Convergence, 12-13 March 2014, in Munich, Germany. The Workshop is hosted by IRT. The TV ...
Read more