4 Technologies for Portability in Social Networks: A Primer
Today Marshall Kirkpatrick interviewed Facebook CEO Mark Zuckerberg at SXSW, with the main topic of discussion being Data Portability. Later in the day at the festival, a star studded panel discussed building portable social networks. The panel highlighted four technologies that help make identity and data more portable across social networks: hCard; XFN and FOAF; OpenID; OAuth.
This post serves as an introduction to each of these technologies.
hCard: Providing Your Contact Information
Users are tired of repeatedly entering profile information over and over again. This problem is solved by the microformat hCard. Leslie Chicoine, an Experience Designer at Get Satisfaction, talked about how her company had created a sign up process for their web application using hCard. (see screen shot below)
XFN & FOAF: Who are your contacts
Another microformat, XFN, and the FOAF project are techniques for embedding relationships in links. This allows social networks to recommend contacts that should be shared, without scraping web based email clients. Recently, Google introduced a Social Graph API, which "index[es] the public Web for XHTML Friends Network (XFN), Friend of a Friend (FOAF) markup and other publicly declared connections".
Something very interesting that I wasn't aware of until today's panel was that both Plaxo & Six Apart were working on something similar before Google announced OpenSocial, according to Joe Smarr and David Recordon. However, once Google started focusing on this they were happy to hand it over to them - because Google "has the web on a hard drive", so it makes the crawling component of this far less difficult. For a good overview on Google's Social Graph API, check out the following introductory video:
OpenID: Authenticating Individuals
OpenID is a decentralized framework for allowing social networks (and other web applications) to authenticate users. In other words, it lets users login using shared credentials across different services. It also allows individuals to decide what information they want to share with each application. For example, a user might decide not to provide their postal or email address.
OAuth: Authorizing Access
The final protocol discussed was OAuth. It is a protocol that is less about authentication (OpenID) and more about authorization. The protocol has been developed over the last year. The specification was released in December 2007 and modeled off a number of authorization protocols, including the Flickr Authorization protocol. According to Chris Messina, a number of services have already started using it including:
- Fireeagle
- Open Social
- Pownce
- Get Satisfcation, and
- Magnolia
- (and Twitter support will be coming soon)
Chris also pointed to a comment in a recent post of ours about email passwords, that highlighted the need for tools like these. Also there was a comment on RWW from Oren Michels at Mashery, indicating it is the most requested feature for them right now.
Conclusion
Securely moving your data around the web has increasingly become an important concept on the web. Arguably, it was the most discussed meme at this year's SXSW. While not an application, you could say it has been 'this year's Twitter'.
The Data Portability group deserves credit for educating the market. Beyond that, it is also an idea whose time has clearly come. It is interesting to think what applications will be built on top of these portability standards - they might be popular by next year's SXSW!
Share
Comments
Subscribe to comments for this post OR Subscribe to comments for all ReadWriteWeb posts
Someone need to educate me on why Data Portability group is getting so much credit. For heavens sake, their site is a joke, nothing but a bunch of acronyms passed off as content. WTF people!? Can anyone make heads or tails out of the site? Is this the case where everybody thinks that if they don't give credit to Data Portability Group that others might think they are stupid?
I have to agree we need to change it and we have raised that as something to do. Our current plan is to wait until we have a new logo, and then we will change the entire homepage to something that incorporates the issues we have logged to date with it.
We would love to hear your thoughts on how we can do it, as creating something like this is a difficult task to please everyone, and we rely on feedback to get it right.
I don't thing the authorization/sharing part is most important when we're talking about OpenID in context of portability. The crucial thing is: the OpenID gives unique identifiers to individuals (and way to prove that the identifier belongs to that particular user).
I think we still have one big issue here... There are FOUR technologies outlined here. We don't need four accounts we need ONE! hCard, OpenID or the other two I don't care, but having one fixed identity online would definitely be something I would like to see.
OAuth would be critical.. but it needs to be more seamless..
APML is also a beautiful thing. And this, IMHO, will greatly improve our lives very soon :)
Hmm, I would have phrased this a little different, XFN and FOAF as "techniques for embedding relationships in links". Thing is, links *are* expressions of relationships. What XFN and FOAF bring to the table are ways of being more specific about what the link means than the usual 'somehow related' found with typical web links between documents.
While XFN and FOAF primarily cover relationships between the creators of the documents, it's possible (using RDF, which underlies FOAF) to express relationships between any kind of things: people, places, real-world objects, concepts... This evolved link is hugely useful for DataPortability, going beyond an import/export kind of view - making it possible to have a web of data, in other words the Giant Global Graph.
@Kyle James - these four technologies work well in concert. It is certainly only one account as only one of these does authentication.
@Yikes ... I second what Elias has said above. DataPortability is just getting kicked off. It's basically an open source project where people are volunteering their time.
The DataPortability buzz is a sign that the market is demanding DataPortability. Would you prefer a separate login to each website? Etc, etc.
@Elias, @Mike,
I applaud your efforts. However, I have seen far narrower scoped efforts, primarily around single logon to deploy in-house, championed by enterprises that have the resources and the will and never finished. This effort is far more ambitious and dependent on volunteers nonetheless, so you do the math.
@Yikes well make sure you bookmark our timeline which monitors our progress. Whilst we are developing a blueprint to represent DataPortability as a concept to implement, I personally think it would be just a successful if the issues we raise and the standards we advocate as put on the agenda. And that is already happening.
Time will tell, but to think what we have achieved since a group of us first conceived of the idea in November 2007, I think we are doing far better than what we had hoped.
Timeline: http://wiki.dataportability.org/x/IAER