Scott Kveton

Update: Bac’n has been acquired. Look for the book “Makin’ Bac’n: From Idea to Startup in 21 Days” coming to bookstores in April 2010.

I’ve been in the technology space for awhile now. I started as a system administrator/engineer almost ten years ago and that morphed into a novice developer then open source participant/helper then open web evangelist then leading an engineering team building great products and finally, to selling bacon on the Internet.

“Wait, WTF?!” you say? “You sell bacon on the Internet?!”

Yes. Yes I do.

Its really hard to explain but selling bacon is honestly one of the most interesting/fun things I’ve ever done. Its not just technology-for-the-sake-of-technology. Jason, Michael and I created something out of nothing using off-the-shelf tools to make a solution that delivers real things to real people. And we did it all in less than a month.

While meeting with one of our Bac’n advisors (and hopefully future partner) this past week she summed it up best. After years selling and building technology, she was kind of over with it. “I’m tired of technology. I like solutions and business models that can be affected by technology.” You can see why we’re talking to her.

In any case, for about the last two weeks I’ve been flying solo. Doing Bac’n and putting a few feelers out to close friends and colleagues to see what there is to see that better fits my new found love of technology and a business model. I’ve been astounded by the response and there are quite a few interesting opportunities out there.

I’m still going to participate in open web work and helping to develop technologies that keep data free and put the consumer at the center. That’s something that I think is just too much a part of me not to do. However, my journey henceforth will be rooted in figuring out how building a community can be a good thing for your business.

(Note: I resisted the urge to title this post “Ship it” because I knew there would be some serious twitter hate happening – and rightfully so … hahaha)

I’ve been on the OpenID Foundation (OIDF) board of directors since the organization was founded. I was also lucky enough to serve as the Chair over that time and I would love to continue to serve the community in some fashion on the board of directors again.

There have been several questions asked to the OpenID general mailing list and so I thought I would take the time to answer some (all?) of them here. I’m sure I’ve missed some so I’m sorry for that. If you have follow-up questions, feel free to post them here for me.

What would you have done differently if given the chance?

I’d love the benefit of hindsight but the reality is, I wouldn’t change a thing.

When I first got involved with OpenID it was because I had seen the benefits of how open source had affected traditional software and I saw some of those same themes being applied “up the stack” to OpenID. I was excited to see a simple, open effort to start tackling the issues of on-line identity. Back in 2006, there were still a lot of competing technologies in this space; XRI, Lid, Sxip, etc. It was quickly apparent that we needed to get to convergent on light-weight identity lest we miss a chance to build something great for the Internet. It took a few months but by the end of 2006 we had convergence and a small, focused community that had come together to develop and promote OpenID.

By this time we had a lot of the bigger companies out there looking at this technology as well. Their biggest concerns (privately at the time) were the IP ramifications around the technology. The big guys didn’t want to jump into the fray and then have somebody sue them because they had deep pockets. This was one of the primary drivers of the OIDF in the beginning and it was probably the most unsexy work ever. But it had to be done and it continues to this day.

We knew that we wanted to build an organization that could support both the community and the large players that would use the technology. We looked at a lot of different models and even flirted with moving OpenID into the Apache Software Foundation for a time. In the end, we developed a hybrid approach with community and corporate board members for the OIDF. It hasn’t been easy; it was a difficult process to develop on our own but its one that has built in sustainability into the organization while still allowing autonomy for the technology and the community as a whole. Only time will tell if we made the right decisions.

What’s your vision for OpenID and what role does the OIDF play in making it a reality?

I’d like to see OpenID evolve into a solution that makes social networking a feature on the Internet (and not just a site you go to). Today, OpenID is a technology that solves a specific thing and does it with a few shortcomings like security and usability. To get beyond this and take it to the next level, its going to require working closely with the communities developing technologies like OAuth, XRD, Portable Contacts and the like. Fortunately, most of the people developing these technologies are a part of the OpenID community already.

The best thing the OIDF can do to help make this a reality is to stay out of the way. By that I mean, the technology continues to evolve and its the details like IPR, trademarks, etc that need to be sorted out (by the OIDF) but that can hinder adoption if not taken into consideration. I’m all for workgroups to help with usability and security but I think a lot of these things are already happening in the community.

Facebook Connect is a great example of what this could look like. The benefit that Facebook has is that they can enforce the look-and-feel; if you don’t do it the way they say, they can pull the plug on you. This isn’t the case for the solutions we’re building so we have to get to consensus and then worry about distribution. This is a slower model but I do think its a better one. Facebook Connect (and derivatives like Google Friend Connect, MySpaceID, etc) will continue to gain market share and momentum while we figure out the details of how all of this is supposed to work. Slow-and-steady-and-open “wins” the race.

What is the role of privacy as it relates to OpenID and how does the OIDF help/hinder that?

I don’t believe in privacy; not because I’m against it but more because I believe its impossible to achieve. Don’t vote for me if you’re hoping I’ll help drive this technology to be more “privacy” friendly. I won’t. My goal is to help develop OpenID into a solution that can help you share and participate across the Internet as you (not some ‘anonymous coward’). I put myself in the Esther Dyson camp on privacy these days:

I was a much bigger fan of anonymity then than I am now. I thought it was cool. And it is, but it turns out anonymity really encourages bad behavior. I’m not in favor of the government tracking everybody and so forth, [but] at least persistent pseudonyms and communities and stuff like that makes everything a nicer place.

It’s like a lot of things. I’m pro choice, but I think abortion is an unfortunate thing. I think the same thing about anonymity: Everybody should have the right to it, but it’s not something one wants to encourage. And that’s not weasel words, that’s the reality of it.

– Esther Dyson, Veteran tech investor looking back on the evolution of the Net

What are your thoughts on organizational transparency?

Easy: everything should be done in the open that can be. The only times for private conversations are for legal or other sensitive matters (like the hiring of an ED who hasn’t given notice to his current employer). Other than that, financials, technology, board and any other discussions that are happening should be done so in a completely transparent nature.

If elected, what would be your first order(s) of business?

The OIDF has some hard questions to answer about itself. In the first 90 days, the board needs to tackle the following:

1. Determine the role of the foundation wrt the technology; is OpenID a building block technology or a full-blown solution?
2. Define the mission/vision for the organization based on (1).
3. Define clear goals and milestones for “success” based on the mission/vision from (2).
4. At this critical time with OpenID, I believe the OIDF should hire an executive director to help drive initiatives that speak to the mission/vision and goals outlined in (3).
5. Engage developer communities building technology and start to get real-world demos of this “open stack” playing together. We can’t learn anything by talking about it; we need to lead with code. I would see this manifest itself as some sort of developer gathering a la the UX Summit at Yahoo! earlier this year and would be focused on usability and security.
6. Take action on the results from the CRC committee work; what does the industry need/expect from the OIDF? Let’s get a plan of attack together and execute on it.

After the first 90 days the board should come back and evaluate how they have done, determine what needs to be changed and then iterate again.

In Closing

I’d love to continue to serve on the OIDF board of directors and hope you’ll vote for me. Thank you.

I’ve been struggling with the relevance of Data Portability for the last few months now. The ideas around Data Portability have been a work-in-progress for several years; the technologies and communities building them are mature in every way. In this post, I want to try to explain my reasons for leaving the Data Portability project and why I think the Open Web is significantly more important.

I know when I was first introduced to Data Portability I was skeptical but when the ensuing media circus flooded the blogosphere, I had no choice but to jump right in. Many of the people developing the open protocols co-opted by the Data Portability project have hinted (both publicly and privately) at leaving. Others have just outright left.

I don’t have a problem with Data Portability as a whole as much as I do with its leader, Chris Saad. The lack of clarity of vision, the delusions of grandeur and blatant pandering are so frustrating to someone such as myself that has worked so hard to actually do something in this space. I know I’m not alone here, but this week, I reached a tipping point.

First of all, a little history.

David Recordon and I made a point of inviting Chris Saad out to the Social Graph FooCamp in February 2008 as Data Portability was really starting to take the main stage. On the last day, at the eleventh hour, Saad led a talk on Data Portability that got rather heated. Chris Messina, Joseph Smarr, Jeremy Keith, Tantek and many, many others were there saying the same thing: we’re already having these discussions, why do we have to do it now at dataportability.org? We left Sebastopol that afternoon hoping to have Chris Saad really carry on the conversation with the wider audience he had brought to the table. Instead, we continued to hear more calls of “come join the conversation on dataportability.org” coupled with empty press releases instead of real leadership.

At the Data Sharing Workshop where Marc Canter put it all into context for me (and then he prodded me again yesterday). Data Portability is about APML riding along with the rest of the well-known and established Open Web protocols.

Marc and I have had our differences in the past, but on this we both agree.

I’ve always been in the Chris Messina Don’t-stab-babies-in-the-face camp with respect to data portability. Lower-case data portability embodies many of the same ideals around the Open Web. Many small open building blocks, loosely joined helping to enable data exchange and control for users. How can you not like that?!

My reasons are particularly personal for not wanting to participate in Data Portability anymore. I’ve spent close to the last two years chairing the OpenID Foundation board. I’ve seen a fantastic community coalesce out of nothing to create a technology that has been widely adopted. When Data Portability pulled OpenID into its technology stack, I was actually really excited. However, with the expectations set by the media around Data Portability and the lack of follow-through has the potential to negatively impact all of the hard work by these existing communities have done.

My tipping point about this came earlier this week when Jive Software joined the Data Portability group. I love the folks at Jive, have known them for years and always wish them well. However, its a bummer that even folks from my hometown can be misled by this DP media hoopla. When I read Sam Lawrence say:

In the meantime, we’re interested in working with the Data Portability group to help contribute to these standards as well as new ones as well. Hopefully, the organization is now at a point in its evolution to proceed with formal and elected leadership, a standards body, voting process and the rest of the stuff that makes organizations successful.

I realized even Jive had been fooled by the hype around Data Portability. DP is not about creating new technology:

Some things that The DataPortability Project is not:

• We are not a group focused on creating new technologies. DataPortability intends to work with tools that already exist today.
• The group is primarily focused on consumer facing technologies and not those aimed at corporate internal use.

Chris was quoted in Jive’s press release. He knew about this announcement. And yet, as he did with the “Data Availability” release that MySpace did, he opted to “take-all-comers” instead of stay focused on the specific mission of the Data Portabililty project.

More importantly, its not where the discussions about these protocols are happening. They are already happening on openid.net, oauth.net, microformats.org and many, many others. I’m excited to see people talking about OpenID within the Data Portability project, but I feel like they are actually taking away from the existing communities and misleading the new members of the Data Portability community.

I put the blame for this type of messaging and lack of clarity squarely on the back of Chris Saad. I’m actually really amazed at the quality of people that have joined the Data Portability community. They are well-spoken, understand the meaning of collaborative discussion and are very passionate about the project itself. But Chris hasn’t shown the ability to stick to the goals and mission of his organization and community. In fact, the DP community does a better job of staying on point than Chris does.

David Recordon is on the right track; how do you support the Open Web? To me, the Open Web is what this is all about. The Open Web is the key to the centralized me or citizen-centric web we hear so many people talking about. Without interoperable formats and protocols, all of this stuff will be a pipe dream.

Instead of just complaining, I’m going to continue focusing my efforts where I think I can make the most impact. I’m going to continue working hard to promote and enable the OpenID community, I’m going to continue to encourage and engage in discussions with projects like OAuth, microformats, DiSo and others and I encourage everyone to join me in doing the same.

When we look back at 2008 it will be the year that we saw as the start of something great with freeing users’ data and putting it in their control. We’ve already seen some great momentum around the Data Portability project and seen some great events (such as SG FooCamp ‘08). Several more events are just on the horizon and you should make sure you attend.

The first event is the Data Sharing Workshop happening April 18th and 19th in downtown San Francisco. This is happening on a Friday and Saturday so as to best accommodate the needs of attendees and with it right in the city we should see a larger audience for something further down the peninsula.

Directly following IIW 2008a we’ll be having the Data Sharing Summit. This will be a chance for stakeholders across the entire data portability eco-system to come together and talk brass tacks about what we’re trying to accomplish and how to make it a reality. We’ll be focusing on specific technical details and how we’re going to get from point A (today) to point B (tomorrow).

Why two events so close together? Well, we’ve got a lot of work to do and we’re already a quarter of the way through 2008. If you’re at all interested in participating in the data sharing/portability conversation these are the two events to attend without question.

I hope to see you there!

I did the Beer and Blog tonight on how to OpenID enable your blog. Thanks to Justin Kistner for inviting me and thanks to everybody for showing up to hear me talk about OpenID (again and again and again) … ha!

The gist of tonight was to show folks how easy it is to OpenID enable their blogs. With most folks using Wordpress these days, I did a basic install of Wordpress 2.5 RC1 with the wpopenid plugin that Will Norris has built. From a couple of zip files to a full-fledged blog its about 5 minutes total work if you know what you’re doing.

If you want to use your own domain as an OpenID, check out Sam Ruby’s post about OpenID delegation to learn more. (Note: see here if you want to do delegation with myVidoop – yes, shameless plug).

Now, some folks don’t necessarily want to use Wordpress. No problem, there are plenty of other OpenID enabled blog platforms and content management systems. Here are a few more (feel free to leave comments if I missed anything):

• Moveable Type 4.0 – This is a great alternative to Wordpress and Six Apart has really started to put some extra work into making this a great platform for your blog.
• Drupal – Drupal is one of the premier content management systems out there and starting with Drupal 6.0, OpenID (both consumer and producer) is built-in by default. This is a CMS that has really started to mature into a fantastic piece of software with an amazing community.
• MediaWiki – MediaWiki is the defacto leader in wiki applications out there. With the OpenID extension you can make it even easier to create and manage your own wiki with ease.
• Joomla – Another CMS, Joomla with its OpenID extension allows full-integration.
• dotnetnuke – As hard as it is for some folks to believe, people actually build some cool applications on .NET. One of those (and that has native OpenID support), is dotnetnuke which is a content management system for Windows.
• Roll your own – You might want to roll your own applications. If so, check out OpenID Enabled which is a great resource for specific OpenID libraries.

These are just a few of the many applications, frameworks and libraries that are available for OpenID-ifying your sites. Now, Go forth and implement OpenID today!

Marshallk talked about it and David Recordon did as well and Kevin Fox wrote about it yesterday but I thought I’d mention something about it as well.

Yesterday, Ma.gnolia deployed new login infrastructure that is 100% OpenID only. You don’t create a Ma.gnolia account anymore, you come with your OpenID, Facebook account or some other means of login.

Why is this a big deal? Well, it turns out spammers like to create accounts for bogus link love on Ma.gnolia. This stinks for Larry and his crew but also for the community that has grown up around this great site. By pushing this off to other sites, now the Ma.gnolia folks can focus on what makes their site great; not stopping spammers.

This is a really interesting trend and I think something is going to bubble out of this; reputation. We need to be able to take advantage of the fact that a) I have lots of accounts and b) I can link them to one OpenID to prove that this-is-likely-a-real-person.

Props to Larry and his team … well done guys.

One of the most lively discussions at SG FooCamp was the Data Portability talk. Chris Saad was the host and a bevy of folks (Chris Messina, daveman692, Eran Hammer-Lahav, jsmarr, Tantek, Adactio, John Panzer, Eran Sandler and many others) were there talking about how to turn all of the Data Portability energy and excitement into something tangible. One of the ideas was for Chris Saad to turn DataPortability.org into the place for the discussion about how all of these technologies can work together and hopefully relate the conversations happening in each of the communities.

I know Chris has done a few of these videos already:

• http://seesmic.com/v/Co8lFpDaMz
• http://seesmic.com/v/fN4utUYa6C
• http://seesmic.com/v/laUHx3ie9j
• http://seesmic.com/v/qcdpwCUX4l
• http://seesmic.com/v/sb8qjEF57p
• http://seesmic.com/v/Dk76sdlGMk

This is a great start and I want to do my part. I like the ideas, momentum and people that have come around the Data Portability Workgroup, so this weekend at SXSW 2008 I’m going to actually do something instead of just listening quietly on the mailing lists … :-)

Myself (look for me in some sort of Portland/Bacon themed t-shirt) and fellow Vidoop partner-in-crime Luke Sontag will be prowling walking the expo floor, taking in sessions, attending pre/post events, raiding BarCamp Austin III and everywhere in between seeking out your thoughts on Data Portability, the Open Web, portable social networking, DiSo, whatever. These topics mean a lot of things to a lot of people and most importantly to those of us in each of our communities (OpenID, OAuth, microformats, etc). The goal is to simply document thoughts from people in the space (and not just the “leaders” either) and make it accessible to everyone wanting to participate in the conversation. Hopefully this will increase awareness and help people come together more effectively on the problems at hand.

A few of the questions I’d like to pose:

• What has the impact of the Open Web been for you, your work or the applications that you use?
• What does Data Portability mean for the work that you’re doing today? For the applications that you use?
• Is portable/distributed social networking/DiSo possible and what are some steps to move it in the right direction today? Where should we be by 2009?
• Every web site seems to have a life streaming component now, does it matter? Is it relevant? What are your thoughts on life/action streaming?
• OpenID and OAuth both have the concept of an end-point that does interesting things for the user. What are some possibilities for this end-point with relation to the work you’re doing? The applications you’re using?
• Google announced the beta of Google Health and its inevitable that more and more of our data will be ending up on-line. Is this a good thing? How can you better manage and protect this data?

These will be short, bite-sized interviews (hopefully under 5 minutes or so) and we’ll get them on-line as quickly as our crack video team can get them up. I’ve already lined up a few really great people to chat with so far and am looking for more. Would you like to weigh in on the questions above? Do you have other questions you’d like to ask? Comment below and I’ll either work the question in or find you at SXSW. See you all in Austin!

What a week its been. This past weekend was SG FooCamp ‘08 (more on that below), on Tuesday I got a new job and then yesterday we made the long-awaited announcement around Google, IBM, Microsoft, VeriSign and Yahoo! joining the OpenID Foundation board. Add to that trying to get a house ready to sell, moving, finding new office space in Portland and speaking at Ignite Portland 2 this has easily been the craziest (and most fun) week I’ve had in years. I really wish I’d had time to write this post earlier in the week.

What I really want to talk about here is about where we’re at now that the dust has settled from SG FooCamp ‘08. When David and I cooked up this event we had one thing in mind and it quickly morphed into something else. The outcome from my perspective was an entirely positive one. Lots of amazing people got to make some really great connections, people hacked on code, discussions (heated and otherwise) were heartfelt and engaging all weekend long.

That said, I’ve certainly taken my fair share of abuse for organizing the event. It was invite-only and for that I’m more than willing to take some heat. David and I chose the invite list and the reality was, there was a finite amount of room (we somehow crammed 105 people in over the weekend and a good chunk of those slept in tents in 30F+ weather). Okay, so where does that leave us?

In my travels this past week, in blog posts I’ve read, in people I’ve seen (even at Ignite Portland) it was clear that everyone wished they could be at SG FooCamp ‘08. People want an open discussion about these things. Me too. And even more so now that we had this event last weekend. Social graph/data portability/distributed social networking/etc … this is as much of a technical problem as it is a policy and best practices one. The weekend showed to me the passion that a small group could have around this space. What if we expanded the scope significantly?

We already have the Internet Identity Workshop as well as the Data Sharing Summit. Both of these are open-space style events and both are really well attended and organized. I think there is room for something combined or even expanded in scope.

I can foresee two tracks to an event like this. One would cover the hacking pieces. How can we use XMPP? What does Google’s Social Graph API reveal? What are the hard problems devs are dealing with? The other track would cover the policy and best practices components. How do we put users in control of their data? What should be the rules/best practices around scrapping? Who owns my data? Yes, I’m suggesting that we bring together a cross-section of people to discuss this. This could/should even be an extension of the DataPortability work going on. Its not a contest and its not about size, but I could easily see 1000 people coming to an event like this and I can only imagine the intensity and camaraderie being 10x what we had at SG FooCamp ‘08.

Okay, so … who’s going to do it? I was really hoping to hear word of a another Data Sharing Summit from Marc and Kaliya. I think its a great basis for this event and I’d love to help make it a reality. The sooner the better in my opinion. People are hungry to discuss this and with the maturation of technologies like OpenID, OAuth and microformats we have the building blocks we need to make it happen. I’m ready to roll up my sleeves, anybody else?

Its been a long time coming and certainly a huge milestone for OpenID. Everyone on the board is really excited about this news. Here are a few snippets of the coverage:

• O’Reilly Radar – OpenID Foundation – Google, IBM, Microsoft, VeriSign and Yahoo
• ReadWriteWeb – OpenID News: Big Co’s Put Money Where Their Mouths Are
• Dick Hardt – Industry Giants join OpenID Foundation Board
• VeriSign Innovation – OpenID Foundation: Does the world really need yet another identity organization?
• TechCrunch – OpenID Welcomes Microsoft, Google, Verisign and IBM
• Mike Jones of Microsoft – Microsoft Joins the OpenID Foundation and its Board of Directors
• Mashable – Google, Microsoft, Yahoo, IBM and VeriSign Join OpenID Foundation
• TechCrunch UK – Google, Microsoft, Verisign and IBM join OpenID

(links courtesy of daveman692)

As always, the best is yet to come … :-)

I’m at SFO on my way back to Portland after a fantastic weekend in Sebastopol, CA at SG FooCamp ‘08. A really, really huge thanks to Tim O’Reilly, Sara Winge, Tony and the rest of the O’Reilly staff for providing a fantastic venue for this event. Also, we had some great sponsors in BBC, Google, MyStrands, Six Apart and Yahoo! We couldn’t have done it without you.

As a little background, David Recordon and I came up with the idea for SG FooCamp literally 44 days ago. The original idea was to get a bunch of hackers together, lock them in a room for a weekend and see what happens with respect to distributed/portable social networking, data portability, etc. Slowly but surely the invite list went from 10, to 25, to 30 … then David mentioned it to Tim and the idea was hatched to turn it into a FooCamp style event and host it in Sebastopol. Sweet. Now we can go all the way up to 70 people. We blew through that about an hour later and by the time all was said and done, we had over 100 people show up for the event.

It rained most of the weekend in Sebastopol (I must have brought it from Oregon with me) but the rain actually forced folks to stay inside and participate … the sessions were fast and furious and some of them pretty intense. It was cramped inside the O’Reilly facility but it sort of reminded me of the old school OSCON events hosted in the basement of the Portland Marriot; small spaces led to so many great conversations (and the booze helped to lubricate things).

Some of my favorite moments:

• Putting names with faces for just about everybody else I follow in Twitter
• Chris Mocko amazing us with his statistical prowess (”I’m less likely to be a werewolf this round”)
• Drinking the XMPP koolaid – XMPP may be the killer app that drives things like OAuth and OpenID … its the data stupid. Really cool stuff Twitter is doing in this space.
• Great OpenID/OAuth discussions
• Portland representin’ with Matt Tucker, Renny Gleeson, Brian Ellin and myself (and technically Brad and David)
• Watching Brad and Eran figure out OpenID <-> Email identifier specification in a matter of minutes.
• Discovery, discovery, discovery.
• Talking about OpenID as a URL (why is that interesting?) as well as UI.
• Realizing that Joseph Smarr is not only a great developer and evangelist for Plaxo, he’s also a great entertainer and tequila provider … err enabler.
• Fantastic Open IPR discussions (yes, this can be fantastic) … I’m always drawn finding an end solution and the idea was hatched for an administrative org like “The Open Web Foundation” to help technologies like OpenID, OAuth and others … who knows if it makes sense … hoping to talk more about this.
• Quality time with Chris Messina.
• Renny Gleeson coining the term “ebrandgelist” and thinking he actually coined it … :-)
• Making Sara Winge laugh and doing my video interview after far, far too much cider.
• Endless games of werewolf until late, late, late into the night.
• Getting to meet Chris Saad and talk seriously about Data Portability (have a whole other post to share on this).
• Sleeping outside both nights while the temperature was in the 30’s … I knew I kept that +15 bag for a reason.

I took about 500 pictures over the weekend and will be posting them on Flickr soon (its going to be tough; Ignite Portland 2 is on Tuesday and I’m not ready!)

What started as a weekend of hacking turned into a chance to bring together a bunch of different folks that don’t necessarily know each other. The biggest thing I’m taking away from this weekend is the direct connection to so many fantastic people. Now when I see their tweets, I’ll hear their voices and see their faces. I don’t know if we’ll do this event again. There was so much interest and we could have done a Social Graph conference on this (easily I think). Hopefully we can weave some of those themes into upcoming events like the Data Sharing Summit or even IIW.

Thanks everybody for participating and I can’t wait to see everybody again soon.