Tag: web

Platform Designers – Think Reach, Cloud, Usability

Posted by Dhananjay Nene – December 23, 2008

A couple of days back ReadWriteWeb announced the “Top 10 Web Platforms of 2008“. I was trying to put together what it means to platform designers, and here’s my 2c worth.

Lets quickly look at the list

  1. iPhone SDK
  2. OpenSocial
  3. AdobeAIR
  4. Twitter API
  5. Facebook Platform
  6. Android
  7. Amazon Web Services
  8. Live Mesh
  9. Fire Eagle
  10. Mozilla Weave

Here’s my learning from the list :

Reach :

The most important asset a platform can provide its users is to extend reach. The number one platform iPhone SDK will not run on all OS’s, uses a rather atypical set of frameworks and languages and yet developers flocked to it. Three others in the top 5 – OpenSocial, Twitter, Facebook also allow the developers to plug into a set of existing relationships and networks and leverage them. If you want to write a platform, first and foremost see if you can extend your user’s reach – if you can, your users will come flocking.

Cloud Experience :

The cloud is here. OpenSocial, Twitter, Facebook, AWS, LiveMesh, FireEagle and Mozilla Weave all contribute to the end user having a superior cloud experience. If you want to write a platform, ask yourself if it will make things easier for the user on the cloud.

Usability and RIA :

Usability still counts for a lot. Both iPhone and AdobeAIR help make it a far superior usable experience (I can’t comment on Android yet). Moreover RIA on the desktop and mobile are still alive and kicking. If you take care of your user’s users, your users will come knocking.

StackOverflow is SpiritUnderflow – A plea to not deprioritise content and spirit

Posted by Dhananjay Nene – September 23, 2008

I must confess back in the mid 90s I was an avid usenet user. Over the years I have watched the overall development community online interaction landscape changing (mailing lists, web based forums, blogs, wikis, blog aggregators, voting systems etc.). While each change seemed a little questionable at times, these have brought in a tremendous vibrancy in the developer interactions even though I still feel like composing a Usenet GaGa song (just like Freddie Mercury did the Radio Gaga thing). While I wondered as each change was introduced, what it implied, I never felt strongly enough about it to speak loudly. Till Now.

Take a look at stackoverflow. Its seems to be getting a tremendous developer community traction. I wish it the very best and believe it has been successful in many ways in being able to attract so much traffic. But as I move around it, I just feel a little odd. I also feel a little old perhaps. While the following may seem to be a rant it is not. I end the post with a suggestion which I suspect might be helpful to people who might be having similar opinions.

  1. Content gets deprioritised : Here is a list of things that appears in a bigger font than the main content / discussion itself.
    • Vote Up Arrow
    • Vote Down Arrow
    • Number of votes received
    • Asked When
    • How many people answered it
    • How many votes it received
    • How soon it was answered
    • When was it last updated
    • Advertisement blurb text

    Don’t get me wrong. Its not like I am against this information. But so much metadata about the question / answers and displayed so boldly ? I want to come into the site review some questions quickly, review their answers, maybe post a few questions or answers myself, and want to go back on do my work. So much additional information is quite distracting and imho leads to much more inefficient browsing sessions.

  2. Voting is too much in your face : I think voting is useful. Voting allows a democratic mechanism of content prioritisation. But this is way too much in the face. There’s no way I can focus on the content without getting distracted by the votes per answer. One of the limitations of voting is that there is no way to understand why someone liked or disliked your answer. Good old usenet or other non voting channels of communication forced everyone to chip in descriptively which made for a much richer content.
  3. Am I in an election ? Since voting has been made so prominent, try hard as you can it is difficult to get away from trying to find out how many votes your earlier responses got, and how many points you have accumulated. I suspect it also starts driving your behaviour somewhat (more on that later) in a narcissistic pattern which starts shifting your focus from communicating ideas to pitching self (its a subtle difference but a strong one nevertheless). I don’t mind pitching at all, in fact I do it in multiple places including in my blog. But pitching self can be too distracting when carried forward to every question and answer.
  4. Am I a pin up board ? Whats this thing with badges ? Thirty different types of them to be precise. This number is probably ten times what might be useful (Novice, Seasoned, Guru .. or something similar). Why am I even getting these ? And why does how many badges I have need to be carried around wherever my user id is shown. Again, these toys are taking us away from content.
  5. Where is the spirit ? The thing I find lacking the most is the “spirit” of discussion. Now I don’t particularly encourage the use of expletives or do it myself, but I can be exceptionally strong at times in my communication. Some discussions on usenet, online forums, blogs etc. get quite interesting not because of the content alone, but also because of the personalities behind the same. I do not generally see any strong language (not that I particularly regret it per se but its an indication of the lack of spirit). I would qualify most discussions I have browsed as quite good on content but extremely tepid in spirit. This could be due to the contributors keeping an eye on the number of votes their answers are getting (almost feels like a extremely busy place of worship at times instead of a noisy bazaar that I personally would so much want to look forward to).

So should we do away with all this stuff ? Absolutely Not. All I am requesting is that we maintain a sense of balance in prioritising the different aspects of online communication. While there are other of ways in which StackOverflow is superior, I am sure one of the sites it could look as a reference in the context of the points I mentioned above is reddit.com.

Reddit comments page has voting based prioritisation, karma points. But these are never in your face and they don’t overshadow the content. You can actually safely browse through the page and ignore these. There are no other distractions. On any particular topic, one can cover many many more opinions in reddit much faster than in stackoverflow, and in any given browsing session, one can cover many more pages / questions in reddit than one can in stackoverflow.

I suspect there is a good likelihood, my opinions are in the minority but a minority that is not miniscule in size. I am opening a request in stackoverflow uservoice. If you feel supportive of the thoughts expressed above, please support by voting for the request : Provide alternate skin / theme for content focused browsing.

Implications of OpenID on software design

Posted by Dhananjay Nene – February 5, 2008

In my earlier post “OpenID or OpenAvataar ? UserID or AvataarID ?”:http://blog.dhananjaynene.com/archives/14 , I referred to the fact that a user may have multiple OpenIDs (my hypothesis being that these will reflect his various avataars). The question I attempt to answer here is how will usage of OpenID impact the design of the software itself.

h3. Case of a site with OpenID integration

Here’s where things get interesting. One of the sites I went to “dzone”:http://www.dzone.com which is supposed to be for developers. It supports OpenIDs, but when I try to go to the registration page, here’s what I get.

dzone-register.png

Notice that the site seems to be supporting an OpenID login (bottom right) but yet goes on to add the following : *”You will need to set your password using the one-time link you received in your email before you can login.”*. I could not find any way of using my openID without the site creating a new user id and a password for me that it would send me to my email address. (And this is a rather geeky set of sites which seems to implement a single user id across JavaLobby, EclipseZone, dzone and JavaBlackBelt.). Clearly this was not how I believe OpenIDs were intended to be used (remember they are supposed to reduce userids and passwords) since the site expects me to create one more userid and one more password.

I shall assume that these sites are in the middle of a incremental transformation towards an OpenID oriented site and hopefully at a future date, I can simply register myself using my OpenID without creating any new userid or password.

h3. Design considerations when using OpenID

I submit the following as requirements for any OpenID based account registration

* My OpenID should be my userID / accountID (i.e. I am my OpenID)
* I should not be required to provide any new userid / password
* I may be required to provide additional information required by the site which is not published within my OpenID

But wait a minute we just went past the hypothesis that multiple OpenIDs could map to one Identity (UserID?). If that has to hold true, I need a new user id to be created so that I could map multiple OpenIDs onto it. But that seems to only exacerbate the problem that OpenID originally tried to solve. ie. the runaway number of userids that I seem to be having. Clearly something does not line up well here.

The one reasonable way I can imagine this working out fine is if the site itself focuses on the Avataar / Persona / OpenID and not necessarily the user’s unique Identity. ie. The site just keeps track of Avataars and does not attempt to link it into one single user id, and does not create a password for the same. Now me as an independent professional in my individual capacity and myself as the agent of an organisation could log in into the site independently as different avataars, and the site could treat each of my avataars as simply equivalent to what would’ve otherwise been two different userids. Thus the site no longer needs to keep track of my userid or my unique identity. It simply keeps track of Avataars or Personas, and in general does not focus on specific person’s identity.

However there are some sites which require user identity specific information (e.g. Online Drivers License Renewal assuming thats allowed in your region). Clearly in such situations, additional attributes would need to get attached to the avataar which reflect the specific user identity (actually more likely – the OpenID would need to get attached to the specific user identity). Whether one should require a unique constraint around such additional attributes (eg. two avataars cannot have the same drivers license number) is probably an site / application specific decision.

It is also quite likely that I might want to change the OpenID I use for a particular avataar. So there probably needs to be an internal unique identifier for the avataar, with an ability to change the OpenID that is used to login as that avataar (similar to the ability to change the primary email address). This actually is something which the OpenID spec does not address, thus transferring the onus of maintenance of such a mapping between an OpenID and an application / site specific avataar id (which probably just would end up being an internally generated number). As an aside this is something “inames”:http://www.inames.net/business.html does tackle explicitly

bq. This means all global i-names have a corresponding global i-number that represents a permanent identity that will never be reassigned even if a global i-name expires or is sold.

h3. Do I need a password field / column ?

If you are supporting OpenID users only then you no longer need it. But if you are supporting both site specific userIDs and OpenIDs you will still need to conduct authentication for the site specific userIDs. If you are building in support for OpenID in an existing application, you will probably keep the encrypted password or the password hash in the password column for the site specific user ids.

If you are building a new application however, and you still want to support users who do not have an OpenID, consider building your own OpenID provider. Thus generate an OpenID for such users only when required. Have the User Account Maintenance capabilities simply depend upon an OpenID provider (one of which could be your own). Should you want to get started on using some open source OpenID providers here’s a list of “OpenID Open Source Libraries”:http://wiki.openid.net/Libraries .

h3. Summary

# Design for new user registrations using only their OpenIDs ie. no new externally known userid or password
# If migrating towards a OpenID based infrastructure, you will need both non OpenID and OpenID users to coexist.
# Map the OpenID onto an internally generated and externally invisible id.
# If you want to allow users to link up their multiple OpenIDs, build for associating each such OpenID with the same internal Id. In this case users can freely add / remove other OpenIDs, subject to the constraint that at least one OpenID always remains associated with the account.
# If you would like to deal only with the user avataars and offer separate view of your site to each of his avataars, the ability to link multiple OpenIDs together may not be required. However do allow the user to change his OpenID (since he may find a good reason to want to change his OpenID provider in the future).
# If you are interested in supporting only one id per person consider using a different externally known identifier that uniquely identifies the person (could be the social security number or driving license number or something else). That should be the internal handle to the user which is enforced as a unique identifier (you can still choose to have another internally generated id). You can now associate one or more OpenIDs with that user and allow any one of them to be used as the authentication mechanism.
# If you are building a new application ground up, consider designing your application to work with OpenIDs alone. To cater to users not having OpenIDs, build a separate small application to allow them to create and maintain their OpenIDs

OpenID or OpenAvataar ? UserID or AvataarID ?

Posted by Dhananjay Nene – February 5, 2008

h3. Introduction to OpenID

Lately with the prolific activity around “OpenID”:http://openid.net and especially with a biggies like “Yahoo”:http://openid.yahoo.com and “AOL”:http://dev.aol.com/topic/openid , I was getting curious about how this will influence identity management both on the public internet and corporate intranets. One of the nice starting points to understand OpenID is “OpenID » What is OpenID”:http://openid.net/what/ , and for developers is “OpenID » developers”:http://openid.net/developers/

h3. How many OpenIDs per person ?

The “OpenID » What is OpenID”:http://openid.net/what/ page says

bq. OpenID eliminates the need for multiple usernames across different websites, simplifying your online experience.

This is a wonderful thing to happen, since we have been sufficiently bothered with trying to keep track of a whole bunch of userids and the passwords. It further goes on to add

bq. For businesses, this means a lower cost of password and account management, while drawing new web traffic. OpenID lowers user frustration by letting users have control of their login.

There is some correlation that is now being drawn between an OpenID id and an “account”. However it is still not yet clear what the OpenID reflects. Further it goes on to add

bq. For geeks, OpenID is an open, decentralized, free framework for user-centric digital identity

Now I start wondering does my OpenID reflect my user-centric digital identity ? Turns out I can have as many OpenIDs as I want. So there seems to be a *many to one relationship* between *my OpenIDs* and *me*.

This then is further reinforced in one of the articles that are referred to from the developer page “A Recipe for OpenID-Enabling Your Site”:http://www.plaxo.com/api/openid_recipe . This page contains the following text :

bq. Here’s an overview of what you’re going to add to your site:
1. A new database table to map OpenIDs to your internal user IDs
* It’s a many-to-one relationship (each user can have multiple OpenIDs attached to their account, but a given OpenID can only be claimed by a single user)

The “OpenID specification”:http://openid.net/specs/openid-authentication-2_0.html of course provides the most appropriate and insightful definition of OpenID even though it kind of has us wondering – what is the ID in OpenID (and leaves us with the loosely comfortable with the thought that the ID is simply an ID in the web space and has nothing to do with User Identity).

bq. OpenID Authentication provides a way to prove that an end user controls an Identifier.

So it seems sufficiently clear that an OpenID is not meant to reflect my identity the way my Tax Identification Number or Social Security Number or Drivers License Number works (ie. exactly one valid identifier per person at any point in time).

It is now clear OpenID reflects what I own (to the exclusion of others) rather than who I am. My OpenID does is not a unique or exclusive reference to me or any of my identifying characteristics as much as it asserts the fact that I control the ID and therefore others don’t. But that still leaves me thinking even harder – how many OpenIDs do I really need ?

h3. Why would I want to have multiple OpenIDs.

Sure having multiple ids is nice since I now have multiple providers, I am not tied to any particular one, I can have redundant ids. etc. etc. The reasons are quite similar to why I might have different email ids. Turns out at least in my case the most dominant reason why I would want to have different open ids is the same why I would want to have different email ids : *I have different facets to my identity and I would like each to be reflected differently*. Thus I might want to have _one_ OpenID to reflect my persona as a professional consultant, _another_ to reflect me in my personal and individual capacity, and _yet_ another to reflect my persona within the context of a particular of a client / project / organisation. This way I could use my personal openID across all my social networking sites, my professional one across a smaller number of professionally focused sites, and probably my organisation specific ID being used for sites hosted by a particular organisation which really isn’t focused on my global identity but wants to create and independently manage a single ID within that organisation. The number of OpenIDs I would want to reasonably maintain is the number of personas or avataars I want to project on the web. Thus I probably need 3 *avataars* instead of 1 identity or the hundreds of site specific userid/password combinations I today have. Probably I can better understand the word OpenID if in my mind I was to call it *OpenAvataar*. _My Submission here is that each person may have multiple openIDs and we shall probably be using each one to reflect one avataar. This is likely to be the primary reason why each person may have multiple OpenIDs”._

h3. Summary

* An OpenID does *not* exclusively identify a particular user. It simply asserts that users control over the OpenID.
* A user may have multiple OpenIDs. My hypothesis is that each of these is likely to reflect one of his avataars

Will the knol be a knowall ?

Posted by Dhananjay Nene – January 3, 2008

Google set off this new term *knol* _(unless it has been around before and I am not aware of it)_ in this “blog post”:http://googleblog.blogspot.com/2007/12/encouraging-people-to-contribute.html .

First of all the “screenshot”:http://www.google.com/help/knol_screenshot.html is both attractive and impressive. While this has more to do with the folks who created it rather than the concept of a knol, it sure seems like a screen design worthy to take on “Wikipedia”:http://www.wikipedia.org .

As an aside seems to be that “four letter words”:http://en.wikipedia.org/wiki/Four_letter_word are rather becoming the in thing in the recent contribution to english language : blog, wiki, and now *knol*.

There’s already some speculation out there whether this will mean a google taking on wikipedia, about , or a whole host of other sites that are being talked about.. I don’t intend to speculate on that here. One of the apparently salient points about a knol is the fact that each knol is authored or primarily edited by one person, whose information is boldly displayed.

There are cases where content needs to be personalised and others when it needs to primarily collaborative. Wikipedia and many community maintained wikis are a great example of collaborative content, whereas blogs under most circumstances offer very personalised (ie. individually authored – not individually tailored) content. This is a reflection of whether the content needs to be a community or an individual view.

Another dimension is the targeted persistence duration of the content. A blog posting like this may be far less relevant a year down the road, than say an article that I write on this blog.

h3. Wiki or Knol

More…