Comments for 4 Technologies for Portability in Social Networks: A Primer

4 Technologies for Portability in Social Networks: A Primer

2008-03-11T04:39:34Z

Today Marshall Kirkpatrick interviewed Facebook CEO Mark Zuckerberg at SXSW, with the main topic of discussion being Data Portability. Later in the day at the festival, a star studded panel discussed building portable social networks. The panel highlighted four technologies that help make identity and data more portable across social networks: hCard; XFN and FOAF; OpenID; OAuth.

]]> This post serves as an introduction to each of these technologies.

hCard: Providing Your Contact Information

Users are tired of repeatedly entering profile information over and over again. This problem is solved by the microformat hCard. Leslie Chicoine, an Experience Designer at Get Satisfaction, talked about how her company had created a sign up process for their web application using hCard. (see screen shot below)

XFN & FOAF: Who are your contacts

Another microformat, XFN, and the FOAF project are techniques for embedding relationships in links. This allows social networks to recommend contacts that should be shared, without scraping web based email clients. Recently, Google introduced a Social Graph API, which "index[es] the public Web for XHTML Friends Network (XFN), Friend of a Friend (FOAF) markup and other publicly declared connections".

Something very interesting that I wasn't aware of until today's panel was that both Plaxo & Six Apart were working on something similar before Google announced OpenSocial, according to Joe Smarr and David Recordon. However, once Google started focusing on this they were happy to hand it over to them - because Google "has the web on a hard drive", so it makes the crawling component of this far less difficult. For a good overview on Google's Social Graph API, check out the following introductory video:

OpenID: Authenticating Individuals

OpenID is a decentralized framework for allowing social networks (and other web applications) to authenticate users. In other words, it lets users login using shared credentials across different services. It also allows individuals to decide what information they want to share with each application. For example, a user might decide not to provide their postal or email address.

OAuth: Authorizing Access

The final protocol discussed was OAuth. It is a protocol that is less about authentication (OpenID) and more about authorization. The protocol has been developed over the last year. The specification was released in December 2007 and modeled off a number of authorization protocols, including the Flickr Authorization protocol. According to Chris Messina, a number of services have already started using it including:

Fireeagle
Open Social
Pownce
Get Satisfcation, and
Magnolia
(and Twitter support will be coming soon)

Chris also pointed to a comment in a recent post of ours about email passwords, that highlighted the need for tools like these. Also there was a comment on RWW from Oren Michels at Mashery, indicating it is the most requested feature for them right now.

Conclusion

Securely moving your data around the web has increasingly become an important concept on the web. Arguably, it was the most discussed meme at this year's SXSW. While not an application, you could say it has been 'this year's Twitter'.

The Data Portability group deserves credit for educating the market. Beyond that, it is also an idea whose time has clearly come. It is interesting to think what applications will be built on top of these portability standards - they might be popular by next year's SXSW!

Comment from Yikes on 2008-03-10

2008-03-11T05:43:42Z

Someone need to educate me on why Data Portability group is getting so much credit. For heavens sake, their site is a joke, nothing but a bunch of acronyms passed off as content. WTF people!? Can anyone make heads or tails out of the site? Is this the case where everybody thinks that if they don't give credit to Data Portability Group that others might think they are stupid?

Comment from Elias Bizannes on 2008-03-11

2008-03-11T09:49:28Z

I have to agree we need to change it and we have raised that as something to do. Our current plan is to wait until we have a new logo, and then we will change the entire homepage to something that incorporates the issues we have logged to date with it.

We would love to hear your thoughts on how we can do it, as creating something like this is a difficult task to please everyone, and we rely on feedback to get it right.

Comment from Marcin Jagodzinski on 2008-03-11

2008-03-11T11:12:50Z

I don't thing the authorization/sharing part is most important when we're talking about OpenID in context of portability. The crucial thing is: the OpenID gives unique identifiers to individuals (and way to prove that the identifier belongs to that particular user).

Comment from Kyle James on 2008-03-11

2008-03-11T13:32:10Z

I think we still have one big issue here... There are FOUR technologies outlined here. We don't need four accounts we need ONE! hCard, OpenID or the other two I don't care, but having one fixed identity online would definitely be something I would like to see.

Comment from YDRIVE on 2008-03-11

2008-03-11T14:02:41Z

OAuth would be critical.. but it needs to be more seamless..

Comment from Karim on 2008-03-11

2008-03-11T15:30:54Z

APML is also a beautiful thing. And this, IMHO, will greatly improve our lives very soon :)

Comment from Danny on 2008-03-11

2008-03-11T17:43:54Z

Hmm, I would have phrased this a little different, XFN and FOAF as "techniques for embedding relationships in links". Thing is, links *are* expressions of relationships. What XFN and FOAF bring to the table are ways of being more specific about what the link means than the usual 'somehow related' found with typical web links between documents.

While XFN and FOAF primarily cover relationships between the creators of the documents, it's possible (using RDF, which underlies FOAF) to express relationships between any kind of things: people, places, real-world objects, concepts... This evolved link is hugely useful for DataPortability, going beyond an import/export kind of view - making it possible to have a web of data, in other words the Giant Global Graph.

Comment from Stephen Paul Weber on 2008-03-11

2008-03-11T18:50:42Z

@Kyle James - these four technologies work well in concert. It is certainly only one account as only one of these does authentication.

Comment from Mike Reynolds on 2008-03-11

2008-03-12T00:17:22Z

@Yikes ... I second what Elias has said above. DataPortability is just getting kicked off. It's basically an open source project where people are volunteering their time.

The DataPortability buzz is a sign that the market is demanding DataPortability. Would you prefer a separate login to each website? Etc, etc.

Comment from Yikes on 2008-03-11

2008-03-12T00:54:53Z

@Elias, @Mike,

I applaud your efforts. However, I have seen far narrower scoped efforts, primarily around single logon to deploy in-house, championed by enterprises that have the resources and the will and never finished. This effort is far more ambitious and dependent on volunteers nonetheless, so you do the math.

Comment from Elias Bizannes on 2008-03-14

2008-03-15T05:23:02Z

@Yikes well make sure you bookmark our timeline which monitors our progress. Whilst we are developing a blueprint to represent DataPortability as a concept to implement, I personally think it would be just a successful if the issues we raise and the standards we advocate as put on the agenda. And that is already happening.

Time will tell, but to think what we have achieved since a group of us first conceived of the idea in November 2007, I think we are doing far better than what we had hoped.

Timeline: http://wiki.dataportability.org/x/IAER