This is David Recordon's TypePad Profile.
Join TypePad and start following David Recordon's activity
Join Now!
Already a member? Sign In
David Recordon
San Francisco, CA
Interests: scuba diving
Recent Activity
Richard, we've discussed this many times. The OpenID Foundation does not run an OpenID service. You will need to contact whomever you registered your OpenID with, not me.
Toggle Commented Oct 4, 2010 on OpenID: technology or a movement? at David Recordon
1 reply
I certainly don't want to explain SAML to end users! ;)
Toggle Commented Sep 23, 2010 on OpenID: technology or a movement? at David Recordon
1 reply
OpenID: technology or a movement?
There's been an interesting discussion on the OpenID mailing lists the past few days stemming from my post Seven sites you didn’t know were using OpenID. The main argument is that because many of these sites aren't letting people use any OpenID, that we shouldn't be promoting them. To me this stems from a deeper question about what OpenID actually is. On one hand OpenID is clearly a technology. Created in 2005, OpenID 1.1 allowed for basic authentication of people who were represented by profile URLs across the web. But OpenID 2.0 is a pretty different technological beast. It supported both URLs and XRIs which made discovery overly complex, features such as clicking a button to sign in versus typing a full URL, and was designed to be extensible which led to richer profile data and stronger authentication. Today OpenID... Continue reading
Posted Sep 22, 2010 at David Recordon
Comment
16
I think that you may be misunderstanding how I was describing discovery for OpenID Connect. I used the example of davidrecordon.com to show that it absolutely must be decentralized and support the ability for anyone to host their identity anywhere they'd like (including on their own server!). While I believe that many people will choose to use larger services, the ability to run your own OpenID server is absolutely critical. (This is similar to email today; anyone can run an email server but the vast majority of people trust large services to host theirs.) As I think multiple people have explained to you in the past, the OpenID Foundation does not run an OpenID Provider on openid.net or any other domain. You must contact the provider you were using and not us!
Toggle Commented Sep 20, 2010 on The three types of OpenID Connect identifiers at David Recordon
1 reply
In true Simon Willison style
The past twenty days have been a real whirlwind in terms of new sites adopting OpenID for sign in. Some of the larger deployments have made the news (Google and Yahoo! Store), but here are seven others you’ve likely not heard about. — OpenID Blog Continue reading
Posted Sep 20, 2010 at David Recordon
Comment
3
For the underlying user identifier, take a look at http://lists.openid.net/pipermail/openid-specs-connect/2010-August/000005.html which is what's hopefully the start of a great discussion on the working group about the exact topic you raised. Yep, the profile URL isn't something you're directly proving control over unlike in OpenID 1.0 and 2.0. It would be returned via the user info API but is worth calling out in this context as it was previously thought of as the main identifier in OpenID.
Toggle Commented Aug 24, 2010 on The three types of OpenID Connect identifiers at David Recordon
1 reply
What was the # used for? OpenID 2.0 used it to version identifiers but it was a pretty big hack that never worked in reality. That's one of the reasons I think that we should separate profile URLs (where you care about recycling the namespace) from the underlying user identifier which should be HTTPS and never reassigned.
Toggle Commented Aug 13, 2010 on The three types of OpenID Connect identifiers at David Recordon
1 reply
The three types of OpenID Connect identifiers
OpenID 2.0 has tension between the identifier being secure and globally unique, memorable, and human friendly. OpenID Connect must split them apart. Continue reading
Posted Aug 13, 2010 at David Recordon
Comment
10
I normally think that GoDaddy is out to scam me in...
Image
I normally think that GoDaddy is out to scam me in any way possible, but this is the most clear communication about a terms of service change that I've ever received! Continue reading
Posted Aug 10, 2010 at David Recordon
Comment
1
Standards are best served second
I'm up in Portland today at the first Federated Social Web Summit and there have been a number of interesting presentations about open source projects trying to build interoperable social experiences. The morning has also been fairly packed with emerging technology buzzword bingo. At times it felt as if people were starting with the technologies and protocols and only then trying to find a product that needs PubSubHubbub enabled JSON hCards federated via OStatus! The Diaspora talk jumped out to me as they twice said, "we've implemented this product feature as a prototype, it works, and now we want to talk about the standard version of it." That's the right way to build standards. Have a product problem, solve it, and then iterate with others on an open specification. But most importantly, don't be afraid of starting over (while learning... Continue reading
Posted Jul 18, 2010 at David Recordon
Comment
4
Kevin Marks and I were talking about Mark's book a bit last night. First of all, it's awesome! It's the most approachable resource for web developers around HTML5. That said, it still doesn't seem like what is included in Mark's book is an authoritative definition of "HTML5". For example, it includes Microdata and doesn't mention "HTML5 Notifications". Someone other than browser vendors' marketing teams need to define what technologies are a part of HTML5 for web developers based on what is actually supported by the major browsers in non-beta releases. Obviously this definition will evolve over time.
Toggle Commented Jun 6, 2010 on What is HTML5? at David Recordon
1 reply
What is HTML5?
While treating HTML5 as a broad umbrella brand helps everyone feel like there's a chance to have their problem solved as a part of it, website owners aren't clear on what's worth shipping when. As an outsider it feels like having a simple "implement this stuff to make your website support HTML5" page based on what non-beta versions of browsers have shipped would be incredibly useful. Continue reading
Posted Jun 5, 2010 at David Recordon
Comment
4
David Recordon added a photo at Make A Face
Thumbnail
Jan 22, 2010
Take a look at http://sites.google.com/site/oauthgoog/UXFedLogin for a bunch of research Google did in this area.
Toggle Commented Nov 13, 2009 on Log in or sign up? at Leah Culver's Blog
1 reply
David Recordon added a favorite at Zachary Quinto
Jul 27, 2009
David Recordon is now following Rachel Frederick
Jul 17, 2009
David Recordon is now following Benjamin
Jul 15, 2009
David Recordon is now following Dave Aiello
Jul 15, 2009
David Recordon is now following Ginger T
Jul 15, 2009
David Recordon is now following Trent
Jul 15, 2009
David Recordon is now following whitaker
Jul 15, 2009
David Recordon is now following Martin Atkins
Jul 15, 2009
David Recordon is now following nobi
Jul 15, 2009
Voted! Though you should make the image link to the vote as well. :)
Toggle Commented Jul 8, 2009 on That's not the only thing I'm doing too hard... at A dollop of daisy
1 reply
Subscribe to David Recordon’s Recent Activity
toppledwagon
Nick
Claire Alcock
Brad Choate
David Goldberg
View all »
alise7815
Satoshi Tanimoto
flora curt
Monotypper
bestmobilenow
ksmyth
View all »
6 Favorites
Blogs and Sites
Communities
Around The Web