RESPECT CONNECT “Facebook Connect for Personal Clouds” OR “Social Login that Doesn’t Suck”
Session Topic: Respect Connect
Thursday 3A
Convener: Peter Davis, Dan Blum, Drummond Reed
Notes-taker(s): Drummond Reed
Drummond Reed provided an introduction to this session by explaining that shortly before IIW, Doc Searls had issued a challenge to the IIW community: we have been working on user-centric Internet identity for 8 years now (this is IIW #16) and have not solved the problem, so can the emergence of personal cloud infrastructure finally solve it? The purpose of this session was to discuss how that could be done via a service that Respect Network called "Respect Connect". It is a single sign-on protocol that operates similarly to Facebook Connect, but from your personal cloud.
Peter, who is a security architect at Neustar who has been involved with SAML, OAuth, OpenID, and other federated identity protocols, then explained that the purpose of this session was to gather requirements for Respect Connect.
Peter proposed to do that by building a list of "positive goals" for the Respect Connect protocol. Following is the list that was compiled in this session.
Positive Goals
- Does not spill your life (presence silence)
- Convenience/ease of use
- Non-invasive
- Adoption by relying parties – RP acceptance
- Relationship management
- Redundant login
Following are notes on the discussion that took place as the list was built. Note that they are incomplete because the attendance was very large (~60 people) and discussion was extremely active.
Sarah Allen, whose company Blazing Cloud has done a number of social login integration projects, said there were two main reasons that relying parties (RPs) want to offer social login:
1. #1 reason is ease-of-use: one-click login.
2. #2 reason is “do what I mean” login, i.e., users know how social login works, and are confident it is going to "do the right thing" (i.e., get them logged in without hassle, not necessarily do the right thing with their data).
Sarah also said that people do NOT want to give permissions to something that they do not yet understand. The drop-off is very high if you ask for more than 3 things.
There was a long discussion of user experience. Current UX is based on norms set by Facebook, Twitter, or LinkedIn. It can be different for personal login.
Kevin Cox said, "I want to be able to just 'Say hello'".
Others said there was strong desire for being able to start a relationship with as little information as possible, and then go through “progressive disclosure” or “selective disclosure” or “iterative identity”.
Another positive goal was the ability to have a direct contractual relationship with the site vs. having another third-party (e.g., Facebook, Twitter) in the middle.
George Fletcher made the point that sites will only adopt Respect Connect if it gets the RP more customers and/or better customers.
There was a long discussion about account recovery, and how Respect Connect personal cloud login would need to account for that. George felt that was very important.
Kevin Marks pointed out that LinkedIn is good about having multiple account recovery options because people lose their email addresses when they lose their job.
Drummond and others talked about how a personal cloud could make account recovery easier since there are so many reasons for a user to keep a strongly authenticated connection to his/her personal cloud.
There were many comments about adoption. Someone observed that Karl Marx said, "It's not human consciousness that will change, it is the human condition." This means there has to be some benefit to everyone from this new way of doing login.
Gary Rowe made the point about the benefit of individuals having one place from which to use it, manage it, update it, back it up, etc.
Drummond made the point that Respect Connect needs to work for any personal cloud hosting option, i.e., both self-hosted and CSP-hosted.
Kevin Marks suggested that it needs compatibility with Mozilla's Browser ID.
Doc said that personal cloud login could be a way to start a VRM relationship but he doesn’t want to overload it so it becomes unsimple.
We also talked about terms and how Respect Connect could help individuals assert their own terms. Doc was concerned about the RPs not wanting to stop "being the cow" in a calf-cow relationship.
It was observed that Grameen Bank made micropayments work by using group reputation pressure.
Peter said that reputation could be very important because it could be associated with each "individual IdP".
Mark Davis brought up levels of assurance (LOAs). That could be an issue, but there are also ways to handle it.
T.Rob brought up the challenge of physical security becoming important for an RP, and many personal cloud hosting options not providing it. This could be addressed by a personal cloud trust framework architecture.
Drummond brought up pseudonyms and how they are also important to consider as part of Respect Connect from a privacy perspective.
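To make the "say hello", progressive/selective disclosure, and pseudonym points concrete, here is an added example (written for these notes, not code from Respect Network or any Respect Connect specification) of how the personal-cloud side of such a login could enforce them. The class name, method names, the 3-attribute prompt cap (taken from Sarah Allen's drop-off observation above) and the sample attribute values are all assumptions for illustration. First contact releases only a pairwise pseudonym derived with an HMAC over the relying party's origin, so two RPs cannot correlate the same user; any further attribute is released only after the user approves it, and that consent is remembered per RP.

```python
import hashlib
import hmac
import secrets
from dataclasses import dataclass, field

# Assumed cap on attributes per consent prompt, after the session's
# observation that drop-off rises sharply past 3 requested items.
MAX_ATTRIBUTES_PER_PROMPT = 3


@dataclass
class PersonalCloud:
    """Hypothetical model of a personal cloud acting as the user's own IdP."""

    attributes: dict                                   # the user's stored attributes
    pairwise_secret: bytes = field(default_factory=lambda: secrets.token_bytes(32))
    consents: dict = field(default_factory=dict)       # rp_origin -> set of granted attribute names

    def pseudonym_for(self, rp_origin: str) -> str:
        # Pairwise identifier: stable for one RP, unlinkable across RPs because
        # the secret never leaves the cloud and the origin is part of the input.
        digest = hmac.new(self.pairwise_secret, rp_origin.encode(), hashlib.sha256)
        return digest.hexdigest()[:32]

    def say_hello(self, rp_origin: str) -> dict:
        # First contact: nothing but the pseudonym, so the relationship can
        # start without "spilling your life".
        return {"sub": self.pseudonym_for(rp_origin)}

    def request_attributes(self, rp_origin: str, requested: list, user_approves) -> dict:
        """Progressive disclosure: release only what the user has approved for this RP.

        user_approves(rp_origin, attribute_name) -> bool stands in for the consent UI.
        """
        if len(requested) > MAX_ATTRIBUTES_PER_PROMPT:
            raise ValueError(
                f"{len(requested)} attributes requested; at most "
                f"{MAX_ATTRIBUTES_PER_PROMPT} may be asked for in one prompt"
            )
        unknown = [name for name in requested if name not in self.attributes]
        if unknown:
            raise KeyError(f"unknown attributes requested: {unknown}")

        granted = self.consents.setdefault(rp_origin, set())
        for name in requested:
            # Previously granted attributes are not prompted for again.
            if name not in granted and user_approves(rp_origin, name):
                granted.add(name)

        response = {"sub": self.pseudonym_for(rp_origin)}
        for name in requested:
            if name in granted:
                response[name] = self.attributes[name]
        return response


if __name__ == "__main__":
    # Constructed sample data for a stand-alone run.
    cloud = PersonalCloud(attributes={"email": "alice@example.com", "name": "Alice", "phone": "+1-555-0100"})
    rp = "https://shop.example"
    print(cloud.say_hello(rp))
    approve_all_but_phone = lambda origin, name: name != "phone"
    print(cloud.request_attributes(rp, ["email", "phone"], approve_all_but_phone))
```

The RP never learns which attributes the user declined, only which ones were released, and because consent is keyed by origin, a second RP starts from an empty grant set and a different pseudonym.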
Conclusion: there was tremendous interest in driving Respect Connect forward, and a number of participants volunteered to work with Peter and Drummond to develop the specification.