Factory Joe

NASA 2.0

If you haven’t been wondering what’s up with NASA lately, you’re probably not alone. Though once a bastion for the advancement of humankind, in recent years the space agency has seemingly vanished into a well of bureaucracy and lack of coherent, public-supported vision.

Now, thanks to a number of young, forward-thinking upstarts within the organization, that might all start to change, starting tomorrow night at NASA’s Ames Research Facility in Mountain View, California with the kick off of the World Space Party (aka Yuri’s Night).

With 4,000 expected attendees, this is probably one of the first if not largest raves ever held on government property (you can only imagine the red tape that they had to go through to get this approved!). The space is perfectly suited for this kind of thing — and represents the new thinking and outward focus surging within the organization.

On top of that, there is growing interest in open source (notable given the restrictiveness of the NASA Open Source Agreement), in Second Life, and in coworking, as witnessed by NASA’s tenant status at Citizen Space and in their CoLab project.

I’m certainly excited to see these changes coming to NASA — and if it’s any indicator of what changes might be wrought in the government with the addition of a little 2.0 fever and open source, there’s hope for us yet.

Matt points out that NASA is now using WordPress on their newly released blog.

Open web service architecture

The next step in application development will be in more closely coupling those pieces built loosely joined.

Instead of cpan dependencies or libraries needing to be loaded, the prereqs for running an app with be an Upcoming account and a Flickr API key.

This is the writing of the command line web.

Coworking survey and vote on the Net Squared Innovation Fund

I don’t normally cross-post, but seeing as how my blogs are starting to converge a bit, I don’t mind throwing this one in there…

First, Tara’s been collecting survey data on coworking trends — as well as what common experiences, expectations and desires are. We’ve received about 50 responses so far and would love to have more — especially from the LifeHacker and WebWorkerDaily communities.

If you’re interested, come fill out the survey, shouldn’t take more than a few minutes, and we’ll be sharing the data with everyone at the end.

Second, I just blogged over on Citizen Agency about getting your vote out for the Net Squared Innovation Fund. We’re donating a good chunk of consulting time to the effort to help equip non-profits with the skills, technology and “2.0 know-how” that they need to stay competitive and be even more effective in their advocacy using modern tools.

I invite you to read through and familiarize yourself with the slate of proposals that are all in the running for a chunk of the $100,000 that’s been set aside specifically for 20 community-selected projects and then go vote!

Oh, and if you’re in the area tomorrow night, we’re hosting Gina Bianchini, the co-founder and CEO of Ning and Benjamin Rattray the CEO of Change.org at Net Tuesday on the topic of “How Nonprofits Can Use and Build Online Social Networks: Change.org and Ning at Net Tuesday”, starting at 6pm at Citizen Space. Should be an excellent event.

Vertigo offers up classic first issues for free download

I’ve been getting back into comics lately thanks to James Sime over at Isotope Comics in Hayes Valley (who, by the way, is going to be speaking at the upcoming Web2Open).

Presently, I’m really digging New Universal, Elephantmen, Eternals and Planetary, so when James told me about the Vertigo classic first issue downloads, I had to go check’em out.

Notable from the list are The Invisibles: Say You Want a Revolution, Death: the High Cost of Living, Transmetropolitan Vol. 1: Back on the Street, Preacher Vol 1: Gone to Texas, though the whole list is really quite good.

I also checked out some desktop comic viewers — basically alternatives to Preview (on the Mac). I like SimpleComic (pictured above and free and open source) but ComicBookLover is also worth a look (though pricier at $24.95).

Though the idea of reading comics on the desktop is appealing, like most physical media trying to go digital, I agree with James that something is definitely lost in the translation. Still, think of these downloads as the equivalent of 30-second iTunes previews and then go patronize your local comic store!

Microformats: Empowering Your Markup for Web 2.0

I received a copy of John Allsopp’s new book, Microformats: Empowering Your Markup for Web 2.0 in the mail today.

My first impression is certainly positive and I think that John has made a very valuable contribution to the community and to our efforts to get microformats out there on the open web.

We now have a solid resource that describes the community, the process, a number of microformats and how they’re being used today and profiles a number of organizations that are making good use of microformats already (sadly he missed Ma.gnolia in the bunch, but there’s always second printings!).

This book is ideal for web developers looking for a handy reference on the existing formats, for web designers wondering about how to make use of microformats in their code and how to apply CSS effectively using their semantics and finally, there’s even probably a trick or two that folks familiar with microformats might learn in its nearly 350 pages.

So, go buy yourself a copy and let me (and John) know what you think!

An early look at Comic Life 2.0

Cris Pearson twittered that he’d uploaded some shots of the new Comic Life 2.0 welcome page. Take a look and let him know what you think. For more, join the UI Review group.

Create. Share. Connect.

Awesome video by Kent Bye; discovered on Cris Pearson‘s blog.

The Mozilla Manifesto and the open web

The Mozilla Manifesto is significant because, on the one hand, it plants firmly in the ground a commitment to various principles and ideals and on the other, it offers language in support of the continued production of the open web.

Some within Mozilla fear that with the advancement of technologies like WPF/E and Apollo, the business world is regressing towards more crystallization, more identity silos and more closed doors.

Thus the key aspects of the manifesto in this respect are: “effectiveness of the Internet as a public resource depends upon interoperability (protocols, data formats, content), innovation and decentralized participation worldwide.” and “Magnifying the public benefit aspects of the Internet is an important goal, worthy of time, attention and commitment.”

Problems with OpenID on Highrise

Turns out that 37 Signals’ implementation of OpenID could use some… getting real.

Let me go over these issues and provide either resources or remedies.

Normalization of OpenIDs URLs

Look at these three URLs and make a note to yourself about any differences you see:

To a lay person (or even your average geek), these URLs all represent the same thing — especially if you type any of them into the address bar, they’ll land you on my out-of-date homepage.

But, in the land of OpenID and URI evaluation, these differences can be very significant, especially when you get into the differences between OpenID v1.1 and the forthcoming v2.0 (which adds support for inames).

To the contrary of some discussion on the OpenID list, the way in which you normalize an identity URL very quickly becomes a usability issue if the cause of OpenID login failures are not immediately obvious.

Remedy: Given some of the issues folks have had with OpenID at Highrise, DHH decided to make usability the priority:

I’m going to fix the trailing slash issue on URL-based OpenIDs. We’ll be more liberal in what we take.

This should mean that folks logging in with OpenID shouldn’t have to guess at what their appropriate identity URL looks like, instead only substantively know what the important parts are (i.e. the domain and any sub-domain or path(s)).

Outstanding issues: Of course, 37 Signals can do this, but what happens when the identity URL that someone uses on Highrise doesn’t work elsewhere because other consumers aren’t as liberal with what they accept?

Lack of support for i-names

One of the issues (features?) that OpenID v2.0 brings is the support for i-names, a controversial schema for representing people, businesses and groups using non-familiar formatting codes.

I’ve heard that there’s somewhere in the ballpark of 20,000 i-names users in the wild (I happen to have =chris.messina but never use it), but compared with the over 70 million (and growing) URL-based OpenID users, this is an incredibly small minority of the overall OpenID landscape.

Nevertheless, one potential point of frustration for these users is in the lack of standardization in implementing or indicating support for i-names, as Rod Begbie pointed out in the Highrise forum, to which DHH replied, . We don’t support iname OpenIDs for now, though. We’re just supporting OpenID 1.1.

And this, I imagine, is going to be a common issue, for both OpenID implementors (dealing with support requests for support of i-names) and for i-names users, such that I question, as others have, the wisdom of offering support for i-names identifiers, when issues still clearly remain in the usability of basic URLs.

Remedy: Once the OpenID v2.0 spec has been finalized, there will need to be a new logo to indicate which version of OpenID a consuming site supports; this will hopefully work to set expectations for i-names users.

Outstanding issues: At the same time, the addition of i-names to OpenID v2.0 has caused a lot of concern for folks, many of whom have simply decided to stick with v1.1.

Personally, I don’t see the long term value in fragmenting the OpenID protocol away from more familiar URL-based identifiers. I want something simple, straightforward and obvious. Otherwise, v2.0 is going to be a headache to advocate, to implement and to support that a lot of folks with just stick with v1.1.

Double delegation aka the Sean Coon Problem

My buddy Sean Coon pinged me the other day to see if I could help him debug the problems he was having signing into Highrise with his OpenID account. When he had signed up, he had used seancoon.org as his OpenID URL. He’d started playing with it, but then left it, only to return later, unable to login.

His problem was three-fold, but I’ll first address a basic issue with delegation that some folks might not be familiar with.

As it turned out, Sean had delegated seancoon.org to resolve to ClaimID as his identity provider. The problem was that he used http://claimid.com/spcoon as his identity URL instead of http://openid.claimid.com/spcoon, which is where his OpenID was actually stored.

Typically when people use claimid.com/[username] as their OpenID identity URL to login to sites, this transformation takes place invisibly. This is because ClaimID delegates to themselves.

The problem lies in that Sean delegated seancoon.org to his ClaimID profile, which in turn was delegated to ClaimID’s OpenID server. If this sounds confusing, it is, and that’s why it’s not allowed in OpenID.

As I understand it, delegation can only be done once, or else you might end up in an infinite chain of delegations that may end in some grandious infinite loop. By restricting your delegation hops to one, a lot of problems are avoided.

Remedy: In this case, Sean only needs to re-delegate to openid.claimid.com/spcoon, and fortunately, there’s a handy WordPress plugin that can handle this for him.

Outstanding issues: Delegation is probably one of the coolest aspects of OpenID, since it allows you to use any URL of your choosing as your OpenID and then let someone else deal with the harder part of actually talking to all your services. Furthermore, you can delegate any number of services and set up fallbacks in case your primary identity provider is taking a nap. Communicating how this works and how to resolve and communicate errors when things go wrong is one of the biggest holes in the OpenID offering, and with user experience experts like 37 Signals joining up, I hope that these issues get the amount of due diligence and attention that they deserve.

Untested assumptions

Finally, I discovered a serious mistaken assumption in the Highrise sign-up process. To test out this issue, I created a test account, using http://google.com as my OpenID:

Now, here’s the problem: they didn’t force me to login to that OpenID when I signed up; instead they just assumed that I knew what I was doing and that I was using a valid OpenID.

So here’s the email that I got confirming my account. Note my username:

Of course when I go to login, I can’t, and I’m locked out of my account — since I can’t login and prove that I own google.com — which, notably, is the same result as if I’d mistyped my OpenID. Fortunately, 37 Signals gave me a backdoor, but it kind of defeats the whole purpose of using OpenID and suggests that you shouldn’t let folks arbitrary set their OpenIDs without having them prove that they really have control of their stated identifier.

Remedy: For implementors, you must get proof that someone controls or owns an OpenID if you’re going to rely on it as their primary identifier. You can’t assume that they’ve typed it correctly or even that they’ve even used a proper OpenID. And, most importantly, you’ve got to stress test such a new system to make sure issues like this are avoided.

Oh, and it does appear that MyOpenID.com OpenIDs are totally not working at this time; I’ve put Scott Kveton and Jason Fried in touch, so hopefully they can resolve the matter. Interestingly, if you’ve delegated to more than one identity provider and you’re using your own OpenID URL to login to Highrise, you should be able to get in.

Conclusion

It’s still promising to see folks like 37 Signals get on board with OpenID, but we clearly have a long way to go.

I hope I’ve clarified a few of the current issues that people might be seeing, or that are generally confusing about OpenID, and I admit that while I’m trying to clarify these things, a lot of this will still sound like Greek to most folks.

Given that, if you’re having issues getting OpenID, feel free to drop me a note and I’ll see if I can’t help resolve it.

Netscape will add support for OpenID

Alex Rudloff from Emurse just pinged me that Netscape will formally launch their support for OpenID on Monday:

One of the most consistent pieces of feedback that we have received thus far is that we should look into allowing people to log in using their AOL accounts that are currently used for Netscape/AOL mail, were once used for the previous My.Netscape site, and are used throughout the AOL network.

You sent this feedback, and we have been listening. In conjunction with AOL announcing its role as an OpenID provider, and spurred by the rapid pace by which OpenID is being adopted on the Web, on Monday, March 26th, Netscape will not only support signing in with your current AOL screen name, but also OpenID as a way of accessing Netscape.com and My.Netscape.

This comes as no surprise given that Netscape’s parent company, AOL, is an OpenID identity provider and is building out places where you can use your AIM screenname to login.

Reporting on OpenID implementations lately has become akin to reporting that companies have discovered and are now starting to use HTML… there’s still a long way to go, but clearly this is the future foundation of identity-based services.