Thinkstick!

Some Thoughts on OpenID vs. Facebook Connect

John McCrea of Plaxo has written a cleverly titled guest post on TechCrunchIT, Facebook
Connect and OpenID Relationship Status: “It’s Complicated”, where he makes the
argument that Facebook Connect is a competing technology to OpenID but the situation
is complicated by Facebook developers engaging in discussions with the OpenID. He
writes

You see, it’s been about a month since the first implementation of Facebook Connect
was spotted
in the wild over at CBS’s celebrity gossip site, TheInsider.com. Want
to sign up for the site? Click a single button. A little Facebook window pops up to
confirm that you want to connect via your Facebook account. One more click – and you’re
done. You’ve got a new account, a mini profile with your Facebook photo, and access
to that subset of your Facebook friends who have also connected their accounts to
TheInsider. Oh, and you can have your activities on TheInsider flow into your Facebook
news feed automatically. All that, without having to create and remember a new username/password
pair for the site. Why, it’s just like the vision for OpenID and the Open Stack –
except without a single open building block under the hood!



After the intros, Allen Tom of Yahoo, who organized the event, turned the first
session over Max Engel of MySpace, who in turn suggested an alternative – why not
let Facebook’s Julie Zhuo kick it off instead? And for the next hour, Julie took us
through the details of Facebook Connect and the decisions they had to make along the
way to get the user interface and user experience just right. It was not just a presentation;
it was a very active and engaged discussion, with questions popping up from all over
the room. Julie and the rest of the Facebook team were engaged and eager to share
what they had learned.

What the heck is going on here? Is Facebook preparing to go the next step of open,
switching from the FB stack to the Open Stack? Only time will tell. But one thing
is clear: Facebook Connect is the best thing ever for OpenID (and the rest of the
Open Stack). Why? Because Facebook has set a high bar with Facebook Connect that is
inspiring everyone in the open movement to work harder and faster to bring up the
quality of the UI/UX for OpenID and the Open Stack.

There are a number of points worth discussing from the above excerpt. The first is
the implication that OpenID is an equivalent technology to Facebook Connect. This
is clearly not the case. OpenID just allows you to delegate to act of authenticating
a user to another website so the user doesn't need to create credentials (i.e. username
+ password) on your site. OpenID alone doesn't get you the user's profile data nor
does it allow you to pull in the authenticated user's social graph from the other
site or publish activities to their activity feed. For that, you would need other
other "Open brand" technologies like OpenID
Attribute Exchange, Portable
Contacts and OpenSocial.
So it is fairer to describe the contest as Facebook Connect vs. OpenID + OpenID Attribute
Exchange + Portable Contacts + OpenSocial.

The question then is who should we root for? At the end of the day, I don’t think
it makes a ton of sense for websites to have to target umpteen different APIs that
do the same thing instead of targeting one standard implemented by multiple services.
Specifically, it seems ridiculous to me that TheInsider.com will have to code against
Facebook Connect to integrate Facebook accounts into their site but code against something
else if they want to integrate MySpace accounts and yet another API if they want to
integrate LinkedIn accounts and so on. This is an area that is crying out for standardization.

Unfortunately, the key company providing thought leadership in this area is Facebook
and for now they are building their solution with proprietary technologies
instead of de jure or de facto ("Open brand") standards. This is unsurprising
given that it takes three or four different specs in varying states of completeness
created by different audiences deliver the scenarios they are currently interested
in. What is encouraging is that Facebook developers are working with OpenID implementers
by sharing their knowledge. However OpenID isn't the only technology needed to satisfy
this scenario and I wonder if Facebook will be similarly engaged with the folks working
on Portable Contacts and OpenSocial.

Facebook Connect is a step in the right direction when it comes to bringing the vision
of social
network interoperability to fruition. The key question is whether we will see effective open
standards emerge that will target the same scenarios [which eventually even Facebook
could adopt] or whether competitors will offer their
own proprietary alternatives? So far it sounds like the latter is happening which
means unnecessary reinvention of the wheel for sites that want to support "connecting"
with multiple social networking sites.

PS: If OpenID
phishing is a concern now when the user is redirected to the ID provider’s site
to login, it seems Facebook Connect is even worse since all it does is provide a pop
over. I wonder if this is because the Facebook folks think the phishing concerns are
overblown.

Note Now
Playing: 2PacMind
Made Up (feat. Daz, Method Man & Redman) Note

Published by  Published by xFruits

Original source : http://www.25hoursaday.com/weblog/2008/10/24/SomeT…

Stick

Leave a Reply

Your email address will not be published. Required fields are marked *