I’ve started working with Metro 1.1, the new, high-performance web services stack from Sun. Metro packages up Sun’s reference implementation of JAX-WS (Java API for XML Web Services), JAXB for bindings and WSIT (Web Services Interoperability Technologies) into one comprehensive package. I’m sure I’ll be posting more about my experiences later.
Principles of OpenID
OpenID was created by Brad Fitzpatrick, the founder and technical whiz behind LiveJournal, one of the more popular blogging sites. Through his experiences building and operating a world-class blogging engine, he became painfully aware that the necessity for users to create separate login accounts for every web site they frequented was a severe impediment for users. He created OpenID in an effort to provide a single sign-on system that could be shared across otherwise unrelated web sites.
Since its original inception, an active community of technology companies, user companies and open-source developers has formed around the OpenID specification. Participants of this community actively critique the OpenID specification, propose enhancements and help guide OpenID’s evolution.
As the OpenID specification has evolved, a set of basic principles has been established:
- OpenID should provide a single sign-on that can be used with multiple web sites.
- OpenID should support de-centralized identity verification.
- Nobody owns OpenID.
- Nobody controls OpenID.
- No single point of failure.
- OpenID should be a simple and light-weight sign-on service.
- OpenID should be easy to use and deploy.
- OpenID should be free.
- OpenID should be an open standard that changes based on community needs.
These principles are important, because they have a major impact on the directions in which the OpenID community works to evolve and improve OpenID.
The first, and most obvious, principle simply expresses the basic intent of OpenID, which is to provide a single sign-on system that can be used across multiple web sites. The basic concept for OpenID is that users can possess one or more identities, which function for people in much the same way that domain names function for web sites. Think of an OpenID identity as a personal URL. Some examples of OpenID identities are:
joeschmo.myopend.com
opened.aol.com/eve123
The next principle is that verification of OpenID operates in a de-centralized manner. Again, in much the same way that domain names are supported. The OpenID community believes (and so do I) that the public will not accept a cross-site identity scheme owned and controlled by any single company.
This is why other technologies, notably Microsoft Passport (which has also been marketed under several other names), have never been able to gain widespread acceptance. De-centralization of identity verification also provides another benefit – it ensures that there is no single point of failure for OpenID identities.
The OpenID community believes very strongly that the user should control their online identity, and that includes the choice of what company or web site will provide verification for their identity. With an identifier like “joeschmo.myopenid.com,” the identity is “joeschmo” and “myopenid.com” is an OpenID Provider, i.e. — a web site that provides the service of verifying that identity for other web sites.
Another principle is that OpenID provides a light-weight authentication service. Essentially, OpenID verification allows a user to claim, and then prove, that they own a particular identity. It does not natively support stronger claims, such as:
- Identity “joeschmo” really belongs to an individual named “Joe Schmo.”
- Identity “joeschmo” belongs to a person aged 21 years or older.
- Identity “joeschmo” belongs to a person with a good credit rating.
- Identity “joeschmo” belongs to a male.
There may eventually be other services built on top of OpenID that support these stronger assertions about an individual. But all OpenID does is verify that an individual does, in fact, own their identity, i.e. — their own personal URL.
The other principles have to do with ensuring that OpenID becomes available to as many people as possible. To support this, OpenID should be free, easy to use and easy to deploy. In fact, OpenID is already supported in numerous development languages, including .NET, Perl, Ruby, Java and many others.
Finally, the evolution of OpenID is regulated in an open manner by the OpenID community. There is no single company that directly controls the fate of the OpenID standard. There is an active, extremely vocal and widespread community that is intent on both enhancing the OpenID standard and ensuring that its evolution continues to adhere to the basic principles that have been established.
JRuby Speed Test
JRuby has come a long way in the last two years. There’s been a ferocious amount of work put into re-implementing Ruby in Java, complicated by the fact that there has never been a written specification for the Ruby language.
There has also been some intense cooperation between the JRuby development team, the original Ruby developers and the Rails core team. The goal was to make JRuby a viable platform for fielding Rails applications. Further, by allowing easy access to legacy Java code, the hope has been that JRuby would provide an easy mechanism to allow Rails and Java applications to live happily together, or to provide an easy way to transition from Java to Rails (in much the same way that C++ was an easy transition from C).
In recent speed tests that have been publicized on the web, it appears that JRuby is now generally faster than Ruby. Check out this blog post for more information.
JRuby has clearly evolved into a viable platform for fielding Rails applications. I expect to see some changes in the Rails landscape over the next year, as Rails expands away from so-called “green-field” applications and becomes more of a player in corporate development efforts. This will, in turn, be a key factor in helping Rails jump the “adoption chasm” and become a more widely used technology.
Winning an iPod Touch
I just won the new 8GB iPod Touch at an AOL offsite event (for best team scores in bowling if you can believe it). Within 8 hours, I had it filled with music, i.e. – more than 700 songs. Truly an impressive device … expect some posts about it later.