I’m exhausted, but I wanted to get some thoughts down about today’s BarCamp in Oxford before I crash. This was proof that there is an intelligent, proactive geek community in England, and that, with the right stimulus, is capable of some incredible stuff. That said, I suspect that with a few exceptions those in attendance were there under their own steam rather than being sanctioned by their employers – a shame, because unconferences are so much more productive (at least for me) than their more traditional alternative.
I led a session cheekily titled Why OpenID Sucks, which was a contentious way of drawing attention to the importance of what the standard is trying to do, while accepting some key shortcomings that need to be solved:
- Usage is declining, even among technologically savvy early adopters
- The identifiers are potentially confusing; an email address is always an email address, a username is always a username, but a URL is not always an OpenID
- The user interface solutions to solve the previous point favour a small number of large providers; they provide "log in with your WordPress.com / AIM / LiveJournal ID" buttons, which makes it harder for a provider not on the list to be an equal, undermining the point of a decentralized, generalized standard
- Because of the way it works (you expect it to forward you to a login screen on a different site), OpenID is particularly susceptible to phishing, particularly when it’s used using UI solutions like the above
Aidan Skinner took some notes from the session; I’ll do my best to write them up more fully soon.
In the meantime, thanks to everyone who organized the day. This was the first BarCamp in Oxford, but the momentum and energy in the community is there for many more to come.