Tag Archives: hcard

OpenID

New and Slightly Improved

I finally had some time this weekend to work on a bunch of things that I have been wanting to do with my blog. The short status is:

  • WordPress 2.5 / K2 Upgrades = Success
  • Administration Improvements = Success
  • hCard = Success
  • OpenID delegation = Success
  • OpenID plugin for comments = Fail

WordPress 2.5

The biggest task was the upgrade to WordPress 2.5 (2.5.1 really). I’ve been putting this off partly because it is a lot of work for me and partly because I had to wait for K2 official support for WordPress 2.5, which was released a couple of weeks ago. I played around with some nightly builds before that, but none of them seemed as stable as I would have liked, so I decided to wait for official support.

The reason it takes so much time for the upgrade is that I’ve done a bit of hacking on the php files for K2 without doing much documentation, so it took me a while to sort out what I had changed. I also took the time in this version to carefully comment begin / end statements using a consistent search string. Now, for the next big upgrade, I can easily search the files for that string to find all of my tweaks.

I also had to do a bit of work on my custom css overrides in a few places where K2 made new changes.

Luckily, I have a pretty good setup on my MacBook with a local php/mysql/wordpress install where I can do most of the testing, breaking, and fixing without disrupting the blog, so the blog should have been up most of the morning despite my working on it for 6+ hours.

Administration Improvements

I installed the WordPress Database Backup (wp-db-backup), and scheduled weekly backups. My hosting provider does nightly backups, but I thought it would be a good idea to have my own backups. It will also make it easier for me to do backups prior to installing plugins / upgrades / etc., which I have been doing manually prior to installing the plugin.

I also used the WordPress Automatic Upgrade plugin to perform the upgrades. I love this plugin!

hCard

I really needed to get some proper contact information on my blog, and I decided that hCard would be a good way to do it, and it gave me an excuse to play with microformats. Now, people can see my contact info, machines can read it, and you can add it to your address book with a simple click.

OpenID delegation

I finally got around to setting up Fast Wonder Blog as a delegate for my OpenID account at ClaimID. Not having this earlier was sheer laziness on my part.

OpenID plugin for comments

Grrrrr. OK, this one was a big fail for me. I tried a bunch of stuff, but I kept running into one pesky error that was not occurring in my local environment. I installed wp-openid, and it worked great in my local environment, but on my hosted production copy of the blog, I kept getting this:

Fatal error: Call to undefined function: error() in /home/content/f/a/s/fastwonderblog/html/wp-content/plugins/openid/store.php on line 134

I tried commenting out the error to rule out an issue with the error message itself, I re-built database tables, uninstalled / reinstalled, activated / deactivated all with no luck. I’m hoping I can get Chris or Will to take a look at the error report and suggest a fix. I’d love to have OpenID support, but it looks like it isn’t in the cards for me today.

sxsw

Portable Social Networks session at sxsw

Here are my relatively raw notes from the session with David Recordon, Chris Messina, and others.

People are tired of re-creating our data and friend lists on every new sites. We need to make it easier to move content from one site to another. Every website starts from scratch instead of building on things you have already created. This is why Facebook apps have been so successful – you can use the apps with your existing friends and existing information.

You don’t necessarily want all of the same friends on every service, and you don’t want to impose your new apps / sites on all of your friends by flooding them with friend requests. You may also want to message people on other services and integrate with various services so that you can use the sites you like, your friends use the ones they like, and both can still communicate and share information between them.

Who owns your friends email addresses? Do you have a right to port your friends email addresses from Facebook to Plaxo? You want to be able to contact your friends and easily find their email addresses without violating the privacy of your friends.

Terminology is getting confusing for people. Social networking, social graph, etc. The web is way more than terminology, it is really about the people and the experiences. Should we be using the terminology “friends”? Are these people your “friends”, are they contacts, etc.? There are many more interesting ways to frame it around actions (Dopplr with fellow travelers).

Contacts can be imported by giving them your email address and *password*. Do you really want to do this? Does it set users up to be phished?

Google released an address book api that can be used to get your contacts without giving away your email address and password.

Building blocks exist today to build portable social networks:

  • hCard can be used to import contact information from other public services into another service. The point is to make it like magic: let them know what it does, what information would be shared, and how it will be used without necessarily confusing normal users with the terminology (leave it as a link or on an about page). Focus on explaining what you are doing for the user and not necessarily how you are going to do it. Also need to give people the option to only pull in certain contacts – just the ones that you want on a particular service.
  • Need better ways to validate which accounts belong to a friend by following a trail of links. Is the David Recordon on Twitter the same one as the one on Facebook. Once you can specify your accounts and your friends accounts, you can also focus on using the same methods to bring in additional content and information. You are already creating the information, but adding some additional annotation around it makes it easier to find and make the data portable. Google social graph api is one way to do this – all based on public data.
  • Enabling trust on the web with OpenID – you already have these accounts on the web, and OpenID is a good method of verifying your identity. You can use it to log in now and say who you are. If you have other profile information in your hCard, then the other site can discover it. But maybe you only want to share certain information.
  • OAuth is more about authorization than authentication. Authorizing access to your resources using tokens to sign messages, like what you do with Flickr uploader by going to the Flickr site to log in and give the uploader authorization to access your photos. OAuth is really important for giving control to certain websites without giving them access to your username and password, which on Google would give them access Google Checkout in addition to mail / contacts. You can also revoke the tokens and not have to change your password to revoke access. A lot of the big players are moving in this direction.

These ideas are a big part of the evolution of the web. It will be difficult, but it’s a bit of tough love in the meantime.