il maestro ignoto

Nic Ferrier and I have been doing a lot of work with XSLT recently. This prompted a discussion on the merits of forming an XSL community and to find out whether other known XSL users in London saw the merits of one, we decided to have a preliminary event (another excuse for a pub visit) in order discuss pros and cons.

We met last night at the Prince Regents Pub on Marylebone High street and in attendance were Ian Forrester, Tom Morris, Andre Lambrechts (Larry) and Will Prescott (both from Thompson) and of course Nic and myself. Sheila Thompson was planning to join us but could make it unfortunately. There’s something to be said for communities and even though a small gathering, it became immediately obvious why such a group would be beneficial for all involved. Larry put it best when he said “We need a way of seperating the wheat from the chaff.”

It isn’t my intention to discuss the benefits of XSL in this post, any number of mailing lists and more talented developers and designers are doing that everyday. A few of the problems we are hoping to solve include providing companies with a place to look when in need of XSL developers. Agencies, we have determined are no good at this, all you need is a mention of XSL in your CV and you are viewed as being a qualified candidate - this isn’t the case when your only use involved the transform of a SOAP response to some other format 3 years ago. In fact more often than not, you either get someone with no idea besides a simple use a while ago or an expert who wants to break your bank account and rewrite xalan first. Yes, functional programming breeds zealots. We ‘d also like to provide developers with a forum to show off their skills, teach and mentor other developers.

We plan to meet once a month for small hacking/tutorial/masterclass sessions. We need interested developers to attend and we need capable hackers to come teach at these events and this is where you come in. We are forming a community and we want YOU to become a member of our community. Leave comments if you are interested in helping out, no effort is too little and we ‘ll keep you updated.

Stay tuned for more news of our website launch and first event shortly.

And in international news, your wordpress blog can now be used as your OpenID URL, more news of ths announcement, made this evening by Mr Willison can be found here http://wordpress.com/blog/2007/03/06/openid/.

Increasingly as with many things, I get the distinct feeling the OpenID vs other authentication mechanism battle was fought and won long before we arrived on this planet.

If you don’t have a wordpress.org blog, http://prooveme.com is an OpenID server which promises to be secure and easy to use, both for OpenID consumers and the end users. Even if you do have a wordpress blog, it’s still worth checking out.

There’s been a lot of noise in the ether recently about OpenID.

BarcampLondon2 saw quite a few sessions and lots of interests in them. In the week preceding that, Microsoft announced support for OpenID and AOL sneakily turned all their AOL user accounts into OpenIDs (I love genius - even when it’s evil genius). Simon Willison has been talking about it for quite a while now and at FOWA London presented a session about using OpenID for your webapps. He had slides which I will link to when they become available within the next few weeks.

Nic Ferrier, a hacker and demi-god I have the good fortune of knowing personally has just released a new OpenID server. ProoveMe

Yeah, yeah, what makes his so special?

Nic uses SSL Certificates generated and installed on your browser when you register at or login to prooveme
for authentication. Two immediate benefits.

1) SSL Certificates prove STRONG authentication. Need I say more?

2) You don’t get redirected to your OpenID provider when your try to login to a site¹.

This is ingenius although it does have a few criticism from me.

What happens when I loan my laptop to a friend, say to browse the internet at a conference while I talk (I do this a lot)?

Problem: My friend, having access to my browser can access all my pre-authenticated sites as me. Bad Friend!

Reality: I have a guest account on all machines I touch for this reason so it’s unlike to happen, but not everyone is as wary as I am.

It’s well worth a look and Nic’s happy to hear criticisms, so drop him a note if you think there’s a problem with his implementation.

Whatever happens, we have collectively decided that we don’t want to manage multiple usernames and passwords anymore - that’s why we had the blasted computers in the first place. OpenID solves the Problem, but will it win the race for dominance? This remains an important question.

[1] Being taken away, no matter how short the departure is and even with the promise of being brought back is a big attention killer and was one of the annoying things I had with OpenID.