Home >  Archive >  2011 >  August >  15

Previous / Next

Christmas Tree
This site contributes to the scripting.com community river.
About the author

A picture named daveTiny.jpgDave Winer, 56, is a visiting scholar at NYU's Arthur L. Carter Journalism Institute and editor of the Scripting News weblog. He pioneered the development of weblogs, syndication (RSS), podcasting, outlining, and web content management software; former contributing editor at Wired Magazine, research fellow at Harvard Law School, entrepreneur, and investor in web media companies. A native New Yorker, he received a Master's in Computer Science from the University of Wisconsin, a Bachelor's in Mathematics from Tulane University and currently lives in New York City.

"The protoblogger." - NY Times.

"The father of modern-day content distribution." - PC World.

"Dave was in a hurry. He had big ideas." -- Harvard.

"Dave Winer is one of the most important figures in the evolution of online media." -- Nieman Journalism Lab.

10 inventors of Internet technologies you may not have heard of. -- Royal Pingdom.

One of BusinessWeek's 25 Most Influential People on the Web.

"Helped popularize blogging, podcasting and RSS." - Time.

"The father of blogging and RSS." - BBC.

"RSS was born in 1997 out of the confluence of Dave Winer's 'Really Simple Syndication' technology, used to push out blog updates, and Netscape's 'Rich Site Summary', which allowed users to create custom Netscape home pages with regularly updated data flows." - Tim O'Reilly.

8/2/11: Who I Am.

Contact me

scriptingnews1mail at gmail dot com.

Facebook

Twitter

Friendfeed

My sites
Recent stories

Recent links

My 40 most-recent links, ranked by number of clicks.

My bike

People are always asking about my bike.

A picture named bikesmall.jpg

Here's a picture.

Calendar

August 2011
Sun
Mon
Tue
Wed
Thu
Fri
Sat
 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
 

Jul   Sep

Warning!

A picture named warning.gif

FYI: You're soaking in it. :-)


A picture named xmlMini.gif
Dave Winer's weblog, started in April 1997, bootstrapped the blogging revolution.

Simple, lightweight identity service Permalink.

A picture named funnel.gifTwitter filled a lot of needs when it came on the scene because it had a simple API, and promised to do something that wasn't just useful to people, it was also important for apps. It was a simple lightweight always-up (theoretically) notification service. One app could listen on a Twitter socket for a message that could be sent by any number of other apps, running anywhere on the net. This idea had so much potential and is one of the reasons Twitter was so attractive to developers.

I think the founders of Twitter had this vision too, but from the other side. My guess is they thought it was a neat idea to have something that was both usable by people and apps to do this one very simple thing.

Along the way Twitter became useful for other simple things, for apps. When I wanted to throw together a simple app and make it usable by other people, rather than create my own identity server, I would just use Twitter's. I'd ask the user for his or her Twitter username and password, and throw it over my shoulder to Twitter, asking if there is such a user with that password. It saved me the trouble of having to ask for a username, manage an account, etc. I knew there was only one user with a given name, because Twitter enforced that rule for me. I also used identi.ca and FriendFeed this way in different apps. Basically, any web service that could authenticate a username and password would do.

I realized, in the last year or so, that I wouldn't be able to continue to use Twitter in this way, for a couple of reasons:

1. The simple indentity service is gone, replaced by something more complex, based on OAuth.

2. Twitter has become more of a managed platform, less of a resource that anyone can use any way they would like.

So, I set out to design a very simple, lightweight identity service. One I could use in my own apps, the way I had been using Twitter.

It didn't take long to design because there's plenty of prior art, and because it doesn't do anything more than validate username and password combinations.

A few weeks ago I had a draft spec with a working implementation. I sent the spec to a small number of distinguished reviewers: Marco Arment, Dries Buytaert, Phillip Greenspun, Andrew Grumet, Joe Hewitt, Joe Moreno, Joel Spolsky, Sandy Wilbourn, Phil WIndley.

I got a whole bunch of ideas and critiques, and implemented many of them, updating the spec accordingly.

I found this way worked a lot better than developing something and then offering it immediately, publicly. Normally I wouldn't get this much feedback and it wouldn't be so thoughtful.

Anyway, this is a heads-up that I will be publishing the spec as a draft in the next few days. But first I want to establish the motivation (that's the purpose of this piece), then explain the philosophy about standards (this is in no way intended to be one) and what prior art influenced me. If other people find this useful, I hope there will be implementations in other languages. And there will need to be ancillary services.

One of the reviewers said he couldn't believe there wasn't already something like this out there. The answer is of course, there was -- it's one of the things Twitter could have been. If I were in their shoes, three or four years ago, I might have stripped the service down to just identity and let a thousand flowers bloom in services built around it. That was certainly one of the possibilities. But they didn't go that way, so the need for an alternate simple lightweight identity service was created.



© Copyright 1997-2011 Dave Winer. Last build: 12/12/2011; 1:28:11 PM. "It's even worse than it appears."

RSS feed for Scripting News


Previous / Next