Alcides Fonseca

Well, tomorrow in MIX08 keynote, Dean is going to talk about IE8 and even show it (rumors say at this time there is already a private beta program running).

The IE8 team (and some other guys at MS) noticed that the webdesigners and developers didn’t particularly like the IE8 behavior towards standards, and with MIX coming up, they definitely want to please designers, so yesterday they changed their minds and IE8 will follow the standards rendering the pages for default. This is a huge news! When everybody says that Apple listen to their users (regarding 10.5.2), Microsoft does the same about their ever-hated browser.

There is also one thing I guess their going to announce tomorrow: the fact IE8 will ship with the silverlight plugin. Everyone is expecting this, but it’s their way of convincing more designers to enter the silverlight wave. And Apple will also announce the same for Safari in next mac event…

After yesterday’s announcement, I’m already please with Microsoft, but there are a few things that would make me even more happier. First it would be the Microformats UI. After Mozilla dropping microformat UI support for Firefox3, this would be an excellent news to higher IE in people’s consideration.

Another news I would love to see is the OpenID support. Right now, I get the feeling Microsoft is becoming a security freak. They already have Cardspace support, but for regular internet surfers, they will only use it, if attached to an OpenID. So we could expect a Cardspace+OpenID support, but I guess not now.

The final feature, and this one would be the one I would really fall in love with MS, but I know it’s impossible, is the HTML5 (even if partial) rendering support. There are already a few folks wearing html5, so it would help people to move forward, and even pressure the standardization process.

We have old Gravatar, hAvatar, pAvatar (discussed here) and now we have Openvatar.

This last one is based on OpenID, but uses email as the identifier… This makes no sense!(Read comments) and is centralized! OpenID is all about using your own URL as you main identity (although email seems possible too) so you should fetch your avatar based on your URL. Both pAvatar and hAvatar do that correctly, but hAvatar uses another piece of technology I love (and makes all sense together with OpenID) that are the microformats (hCard in this case).

So I’d like all this not-that-good solutions to stop coming, and that we all focus on adopting the one that makes sense to the majority of people.

Eu acredito sinceramente que o OpenID é o futuro. Daqui a 1/2 anos, todos os sites vão suportar OpenID (e eu provavelmente já vou estar a testar o sistema seguinte). Um sinal disso foi a entrada da Google, IBM, Microsoft, Verisign e Yahoo para o board da OpenID foundation.

Agora que os principais desafios técnicos estão ultrapassados, faltam ultrapassar as próximas barreiras: as sociais. Temos de ir agora divulgar a boa nova ao mundo e fazer com que as pessoas comecem a usar o OpenID. Os primeiros alvos, na minha modesta opinião, deverão ser os fornecedores de serviços online, para começarem a permitir o login por OpenID. Porque se não houver utilidade em ter um OpenID, ninguém vai criar um.

Agora os fornecedores têm um problema de como adicionar o OpenID de forma a que os utilizadores o aprendam a usar, sem perder utilizadores com um processo demasiado demorado. A minha sugestão para os sites portugueses é terem um link “O que é o OpenID?” para o Guia Supersónico do OpenID. Escrevi este guia para o utilizador comum, mas aprender no menor tempo o que é o este sistema e como o usar, e até descobrir que já tem um (ou mais) OpenID.

Escolhi um formato simples em vez de um wiki porque, por um lado, iria ter mais elementos a volta que iriam confundir o utilizador, e porque quero que isto tenha uma edição pessoal. O que consta no guia é o que eu considero essencial que uma pessoa saiba sobre o OpenID. No entanto aceito de bom grado sugestões para melhorar o site. E estou a pensar em adicionar um pequeno vídeo com um screencast de como usar OpenId.

Se alguém estiver interessado em permitir uso do OpenID nos seus sites, estou interessado em colaborar ;)

Neil has this great post on how take advantage of the full capabilities of modern browsers to improve the user experience. I just love the OpenID provider example since I’m in the long process of implementing OpenID comments in this blog.

Oh, and I am thinking of making possible to receive updates to comments through Jabber…

Yeah, there’s missing only Microsoft for having all the buzzwords in this post’s title. But I won’t be discussing that polemical bid.

Yahoo has launched their 0penID support and I hope the beta there means it’s going to be improved!

I’m doing some OpenID-related stuff and I’m wondering if I should recommend Yahoo as a OpenID provider. First of all, you need to activate OpenID in you account (just like with Blogger). So allowing the users just to enter their URLs and login would be perfect, but I guess they are just doing this for some stats or so. But for regular users having to active something may make them think twice (could be good or not).

One thing that a multi-website entity like yahoo did was to allow users to choose their OpenID url. So I can pick between me.yahoo.com/alcides and my flickr URL. That’s very sweet from Yahoo since they are admitting having flickr in your URL is cooler than the crazy Yahoo. But I find a problem here. Isn’t the “id” in OpenID for identity? http://flickr.com/photos/alcidesfonseca doesn’t have anything to do with my identity, it’s just a place to display my photos. But http://flickr.com/people/alcidesfonseca does! It has all my personal information, even my hCard! So, Mr Yahoo/Flickr Folks, why do we use the photos page instead of our profile page? I know you have a rel=“me” link to the profile page, but it’s just not the same thing!

Some interesting links for the week:

Folksr is a project that intends to gather people’s votes through their microformated links. You login with your openID, and from then on just add rev=“vote-for” and that’s a vote! Of course this is only for geeky people. But an interesting proof of concept anyway!

MOAT is a way of giving meaning to tags (via URLs). Its a cute project, but I don’t know if it will be useful. Anyway, there are already public servers and a Drupal implementation. Wordpress already in the TODO list.

Gravatar is attached to your email address and is not open nor distributed. The future is URL-based and distributed. There already two alternatives: pAvatar that seems more (unnecessarily) complex to implement, and hAvatar is just the photo on your hCard. Pretty simple hein? I just got one problem: When more than one hCard are present in the page, which one is the author’s? Tantek uses the class author, but I don’t find it in any other website. Any tips?

I’m sure you are familiar with the MyBlogLog concept. It’s a list of people that have recently visited your website. It works through a widget that reads a Cookie in your computer and saving it for the site owner to check.

Well, I am conducting my own experiment to do the same, but instead of requiring a MyBlogLog/Yahoo account, users just need an OpenId. As I don’t use openid for logging in or commenting (yet), only users who have OpenID integration in the browser will be recorded. This works fine with Seatbelt Firefox Extension, so if you are using it, you are being watched by the Big Brother.

According to OpenID documentation, form elements for openid should be called “openid_url” in order for browsers to fill the url automatically. I take advantage of this feature, and when loading the webpage, it that hidden field is not empty, I send a AJAX request passing the visitor’s openid as a parameter that is saved in a txt file (for now).

Yes, it’s as simple as that. I also have a simple script for printing the OpenIDs and I am working in order to fetch the hCard in the URL. For now I am using an external link, but when I got the time, I will make everything work together. It is a simple ruby CGI script (ruby’s CGI module is awesome!) and uses Mofo for scrapping the microformats.

For now, it justs let me know who visits me that uses Seatbelt and OpenId, but in a near future with browsers having natively this future, it will Rock! Oh, and it helps building whitelists of openids.

First, Yahoo (and Flickr) will be OpenID 2.0 providers starting 30th this month. Google announced that Blogger is now working a provider but only if you allow it. I really don’t know why they are asking people to check that damn checkboxes, maybe because of their enourmous database. There is not a list of trusts you can manage, for now you just can add one. At least they are already consuming openID. I wished I would not need a yahoo account to have my own space at Flickr. But that’s not for this moment yet.

Microsoft is getting late here. Wouldn’t they like to have the url id.live.com/alcidesfonseca spread all over the internet?

One of the advantages of the OpenID system is that you don’t need a password at all to login. In fact André showed me MyVidoop where they use image categories to login instead of the traditional password.

Here is a new login workflow that uses your twitter account to send you your password. You can receive it by IM, SMS or your favorite Twitter client, and just login with it. As simple as that, and you are using your twitter account to login everywhere OpenID is available.

Pretty cool! I just wish Twitter themselves buy or develop this system, so we can all have official Twitter OpenIDs!

Ever wanted to host your own Facebook or Hi5? Have the benefits of a social network, but without outsourcing it to 3rd parties like Crowdvine or Ning?

I’ve already posted on creating your own social network and mentioned Elgg, an OpenSource SocialNetwork that includes features such as:

• Blogging
• File repositories
• Podcast and full RSS support
• Tagging
• Profiling
• Communities
• Multilingual

And two that caught my attention:

• OpenID support
• Importing content

OpenID is a obvious advantage comparing to hi5, Facebook or even other social networks. It allows you to have your own Identity shared by all your social networks (if you want). But what about importing content? I really thought they were thinking XFN, hCards and other microformats, but no. They are using another standard: FOAF. The Friend of a Friend standard is a XML-RDF way of expressing connections between people and information about them. And it’s even compatible with OpenID.

But personally I believe more in the hCard+XFN solution. It allows you to have your data encapsulated in your content, and not a separated XML file. You write the code once, and it’s readable by both people and machines. I guess those two tribes should gather and pick on a real solution. It’s been so hard for people to start adopting this kind of standards that if there are two to choose from, we will never have that decentralized social network we all dream of.

Lembro-me da última vez que discutimos isto e que na altura o openid.net era geek-only e para todos os outros era simplesmente um caracol laranja. Entretanto já está mais bonitinho e há cada vez mais providers, até mesmo a France Telecom alinhou nesta onda. E na Estónia, há um openid associado a cada BI electrónico, e vão suportar os cartões belgas, finlandeses, espanhóis e… Portugueses! Ou seja, para ter um openID associado ao novo Cartão do Cidadão, tenho de recorrer à Estónia?

Ontem estive com o Ricardo (aka Mr. Zone41) a instalar e acomodar o plugin wp-openid no blog dele. Facilita bastante a vida, porque dei permissão uma vez para utilizar o meu openID no blog dele, e agora é só escrever o comentário e OK, o Seatbelt trata do resto. E o mais giro é que serve para me logar numa data de outros sites.

Com isto, fico a pensar que com um suporte híbrido (tradicional e openID em simultâneo) já chegou a altura para começar a implementar isto nos sites e blogs dos so-called “early adopters”, ou seja, a malta geek ou com gosto por estas coisinhas. Por isso se tiverem um blog Wordpress, não custa nada suportar também openID! Instalem o plugin que mal não faz (se tiverem dúvidas, falem comigo) e começem também a usar! Para quem tem outra coisa (como sistemas homebrew como eu) também tem direito a suporte ;)

Quando a providers, existem uma data deles, basta escolher da lista. Recomendo os dois que uso: o ClaimID que também junta toda a vossa informação numa página, e o MyOpenId, o pioneiro e que ainda presta um serviço muito bom. E agora a surpresa: Quem tiver um mail no Sapo, pode também ter conta OpenID associada. basta ir a openid.sapo.pt e escolher um username. Aviso que o serviço é experimental, mas é um bom avanço para o OpenId em Portugal. Ficam também umas dicas para a malta que está a trabalhar nisto: para álem do tema assapado e do texto explicativo do openid, que decerto que já está planeado, sugiro vivamente encurtar o endereço openId de cada pessoa. A ideia é ter uma coisa curta que se prefira usar a um username/password. openid.sapo.pt/user/alcides é enorme para mim! Tirar o user do meio ajudava bastante ;) Ah, e a página de identidade é um pouco pobrezinha. Últimos posts do blog, fotos, tags e quem sabe até o link para o profile do Spot...

One of the things we most criticize in OpenID in Fred's Barcamp Presentation was the fact that the official website was too heavy in information, and not very attractive for non-techies. Kventon (well spelled!) and David Recordon did an awesome job revamping the website.

It not also makes OpenID pretty, as also makes people want to use them and make services implement it (or so I hope!). In my opinion it’s a great step to bring OpenID to the regular internet user. There is only one thing missing in my opinion: multi-language. If I want to make a OpenID powered service here in Portugal, no way everyone would go and read the website if it is in English. OpenID guys, with France Telecom and soon other international companies adopting OpenID, please think about translating the website. I would gladly help in the Portuguese one :)

Microsoft has been using their Passport, now Windows Live ID since Hotmail become popular, and a lot (and when I say a lot, I mean A LOT!) of Internet users do use it.

Recently, Microsoft has released the Windows Live ID Client/Web Authentication SDK that allows users to base their authentication systems on Windows Live ID. This is a great solution for a single sign-on, but all the authentication is relied to Microsoft. Most users won’t find this a problem, but other will.

Well, there is a more open solution to this problem: OpenID. I’ve wrote about this before but now, I have an idea for a new project and I wanted to hear some feedback.

I know that Microsoft has been working together with OpenID to improve the system and make both systems compatible, but I can imagine a quick way of making live ID work as an OpenID: I’m thinking of making my own OpenID provider that uses Windows Live ID as a authentication. Yeah, it will re-delegate the authentication, and probably will take more time, but it will use the authentication you already have (thinking about liveID users).

I wonder if you have any suggestions, or are interested in helping out :)

Uma das apresentações mais esperadas do dia era do Fred Oliveira sobre OpenID. Começou por nos falar da ideia e fez uma pequena demo de como usar OpenID do ponto de vista do utilizador. Isto levou a plateia a levantar problemas sobre o sistema que ainda não estão bem resolvidas. Falou-se da integração com browsers que é um must para os utilizadores começarem a aderir, da necessidade de nós (developers, bloggers, utilizadores da web2.0) comecemos a usar e a divulgar a quem não conhece.

De facto o OpenID não está preparado para o público geral. Como disse a Maria João Nogueira, “as pessoas vão olhar e perguntar que raio é aquele caracol ali em cima”. Mesmo o site oficial openid.net deveria ser mais explicito e apelativo para que as pessoas se sintam interessadas em utilizar aquilo, mostrar confiança e ao mesmo tempo não ser um texto demasiado grande. Uma das coisas que acho que ainda falha, é o facto de quem não usa o seu próprio domínio como OpenID não possa mudar de provider, sem perder todas as suas contas.

Para quem está a desenvolver sites de momento, uma boa prática é implementar openID, mas possibilitar o registo/login tradicionais. Infelizmente o workshop não abrangeu desenvolvimento de sites usando OpenID, mas é umas área que tenciono abordar no futuro.

Photo by P. A. M.

Everyone who uses the Internet has this problem: So many login protected websites and so many different username/password combinations used. A long time ago, people used txt’s to keep their passwords, but with current browsers they keep it for you. But it’s still a pain when you’re not on your computer or you format or even change browsers. What if there was only one login system for every website?

Well, OpenID solves that problem. You can login in any website that supports this system (and that number is increasing) only with your OpenID url (ex: alcides.myopenid.com). As this is an open system, you are not stuck with some company, like you are with Microsoft if you use Live ID. There are a few OpenID servers and you can even have your own. And even if a server goes offline, there is a solution for it: use your own website as your OpenID. Mine is alcidesfonseca.com and to have that, I just had to add this lines to the head tag in my homepage:

If someday I stop using MyOpenID.com and start using another, I just have to change those lines. Simple and secure :)

Photo by April Joy

If you haven’t started using OpenID, I strongly suggest that you take a look at Simon Willison’s screencast on How to use OpenID.

If you own a website with login/password, think about the possibility of adding OpenID support for your users. Here is a list of plugins for CMS that you can use:

Of if you need to code your own, here are some libraries to help you out. In a near future, when adding OpenID support for my blog, I will post and How-to add support for Python applications.