Log in

No account? Create an account

Previous Entry | Next Entry

Around two years ago, back before OpenID 2.0 was out and when Sxip was still competing with OpenID, a group of us got together and put up $50,000 to sponsor a developer bounty program for OpenID implementations. Coming out of that (along with Sxip), we formed the OpenID Foundation with the following purpose statement:

The purpose of the OpenID Foundation is to foster and promote the development and adoption of OpenID as a framework for user-centric identity on the Internet. The intent is for the Foundation to serve as a public trust organization representing the community of developers, vendors, and users in much the same way that Open Source Development Labs (OSDL) has done for Linux, the Mozilla Foundation has done for Firefox, the Dojo Foundation has done for the Dojo Toolkit, and the Apache Software Foundation as done for numerous Open Source projects. While this organization is not identical to any one of those, it embodies aspects of each that enable it to support the unique needs of the OpenID community.

We then laid out five areas of responsibility for the Foundation:

  • Stewardship of Intellectual Property
  • Facilitation of Specification Development
  • Facilitate the Development of Open Source Reference Implementations
  • Facilitate the Development of Interoperability Testing
  • Marketing, Education, and Evangelism

Obviously some things have changed from what we wrote in that document, but it's interesting as I look back to where the Foundation has largely focused instead:

  • Stewardship of Intellectual Property — The OpenID Foundation worked with a variety of individuals and companies to develop a legal framework based off of prior work which has since been reused and evolved to fit OAuth and OpenSocial. It isn't perfect, but I think we were successful.
  • Facilitation of Specification Development — We've created a process to develop specifications that fits into the legal framework, though quite honestly it's still too hard to get started (one of the reasons I'm involved in the Open Web Foundation). That said, there also aren't enough checkpoints along the way to make sure that a new specification really should be a piece of OpenID. I think this stems from OpenID 2.0 turning into a technology that tried to please a lot of different people, instead of staying true to a much narrower vision and problem.
  • Big Companies — Since Microsoft announced that they would be supporting OpenID 2.0 in early 2006, the Foundation's board has spent a lot of time on how to get big companies more involved and funding the organization. Growing the diversity of any technology community is important to enable long term success, but I also feel that we've lost track of our original vision. With the exception of the Linux Foundation (renamed from the OSDL), none of the organizations listed in our original purpose have corporations as members of their board for funding but rather all mainly rely on contributions. The OpenID Foundation instead charges $50,000 per year to any company which wishes to serve on its board while maintaining n+1 parity of community board members to corporate (n). While a great funding model when companies are willing to pay, this also means that a) the Foundation has to be delivering each company $50,000 worth of value each year (as one prospective company told me, that's equivalent to one full-time junior engineer which is why they're not joining) and b) makes equal participation for smaller companies and startups nearly impossible. DeWitt Clinton (Google's board representative) and I have since proposed a funding model based on contributions instead, but that has largely been shot down by the rest of the board. (I'd much rather have five-hundred member company logos on the site who each paid $150 than fifty paying $500+. Companies will happily donate money if they feel like they're getting value; Google, Yahoo! and Microsoft all each donate $100,000 to the Apache Software Foundation each year.)
  • Marketing — The site looks pretty good, we're spending time talking to people using and thinking about implementing OpenID about what they need, and even made some buttons. Most of this though happened first outside of the Foundation and then was later spun in. :-\
  • Process — We have a lot of it. :)

This week was the beginning of the first election of seven community board members for the Foundation. Four (IIRC) will serve a two year term and the remaining three will serve a one year term. As more big companies write $50,000 checks to become board members, the board will then appoint more community board members to retain n+1 parity until the next election (though based heavily on the results of this election).

I'm running again along with a great group of sixteen other candidates. It costs $25 to become a member and vote, which I encourage you to do if you're interested in the future of OpenID and what the Foundation should be doing.

While a lot of us know that the Foundation must do more to provide real value to the entire OpenID community next year, it shouldn't just be about marketing and turning OpenID into a product. We must also look back to the goals and responsibilities originally laid out and make sure that we're getting OpenID as a technology to where it needs to be if we want any hope of it becoming a piece of an overall product that can compete with the likes of proprietary Facebook Connect.

If I had my way, next year the big things I'd strongly advocate for are:

  1. Revamping the funding and membership structure of the Foundation. I'd rather have companies donating because they want to versus paying because their competitors are.
  2. Hiring an Executive Director who understands a mix of open source and more traditional corporations/marketing. We need someone who can speak to developers, analysts and CEOs; not just one of those groups.
  3. Bringing together the various international organizations. It doesn't help that the OpenID Foundation, OpenID Europe Foundation, and OpenID's Japanese Chapter largely operate independently. We must find a structure that works around the World so that companies only need to join/support one organization, agree to one set of policies, and there be many voices moving one message World-wide. (This is why I've cast two of my seven votes in this election for Nat who runs the Japanese Chapter and Snorri who runs the European Foundation.)
  4. Funding Open Source development since many of the current libraries are lagging as their maintainers have moved on to other projects. There should be great plugins for Rails and Django with solid libraries in PHP, Python, Ruby, Java, and Perl. We also need to help the community develop a great JavaScript front-end (like JanRain's RPX which is pretty cool) that sites can easily adopt for their sign-in UI to help solve usability problems. The Foundation should be able to work with Google's Summer of Code project to help make this even more possible.
  5. Working with the OAuth community to bring OpenID and OAuth even closer together. The OpenID+OAuth hybrid work is a start, but it's very clear that OpenID needs to allow a user to grant ongoing access to protected data if they wish to do so (which is what OAuth does).
  6. Funding and facilitating the development of interoperability testing tools. Today it's nearly impossible for OpenID Providers and Relying Parties (sites which accept OpenIDs) to make sure that they did it right.

I know that plenty of other people will strongly advocate for marketing, productization, etc so don't worry those won't be underrepresented either. :)


( 4 comments — Leave a comment )
Dec. 12th, 2008 03:54 pm (UTC)
I was disappointed to see the membership fees for individual members. The GNOME Foundation has no such requirement and is quite effective. FWIW, I would vote for you if I could work out why it's worth $25 to do so...
Dec. 12th, 2008 04:01 pm (UTC)
While membership is free in the GNOME Foundation, their requirement is that you must have contributed "a non-trivial improvement" to the GNOME Project to be eligible for membership. This would be much harder to track in a project like OpenID since there are far more ways to contribute than source code or specifications. Apache has a similar (if not more rigorous) requirement of the existing membership voting in new members.

So the challenge for individual membership with any of these organizations is what type of "barrier" do you create since those members are electing the board and thus helping to shape the future of the organization. That said, the OpenSocial Foundation has free membership with no other requirements.
Dec. 12th, 2008 05:58 pm (UTC)
Of course I'd vote for you David, but you are going to have to buy my vote and the price is $25.
Dec. 12th, 2008 07:42 pm (UTC)
I assume (hope) you are joking about this, but I'll reply anyway for the benefit of others that may come along. This actually proves David's point for needing a barrier to entry. To be blunt, if you're unable to justify the spending of $25 to join the foundation and help appoint the foundation's leadership, then you're not the kind of person I'd want making this decision anyway. There are plenty of ways that people can participate in the OpenID community for free, and I think those are more appropriate avenues for most people. I believe the individuals who are making decisions on the direction of this technology should be those who are willing to make a real commitment. While $25 is not much of a barrier (it was actually $100 when I joined last Spring), your comment proves that it is in fact an effective filter for people who would come along and vote in this election as though it were a popularity contest.
( 4 comments — Leave a comment )