We play a little foosball here at JanRain World Headquarters. About a month ago we started keeping stats. That is, we started recording data, but our interpretation of the data could still use some work.
Things we want to know include:
The math is nontrivial to those of us who haven't done much statistics, because we want stats for individual players, but our data points come from four-player games. Help?
[Warning: this entry is long!] Ever wonder what goes on in my head while I'm working? Here's an example from this week, in response to a proposal to be considered for OpenID 2.0.
Right now, the trust between the RP and the IdP goes something like this:
RP: Okay End User, this is the IdP you've chosen to use, so I will trust that whatever it tells me is good enough for authenticating your account.
That's pretty much the only relationship that exists between the RP and the IdP, that the authentication method is trustable because the user has decided it is. I'm not sure what we gain by having the RP put additional requirements on how the IdP should do its job.
I think RP's mistake here was specifying an authn_age of seven minutes. Really, for this case, it probably makes more sense to pass a value of zero, to mean "the IdP MUST prompt the user for credentials." But if that's the case, couldn't we say that more plainly? Is there ever a case for specifying a non-zero parameter here?
However, despite there being cases where this functionality would be useful, in the end I am still not in favor of the proposal as a core feature.
Earlier this week at OSCON, Scott Kveton announced the I Want My OpenID Bounty Program. The first ten open source projects to meet the criteria can earn $5k USD each. I think that's a pretty sweet deal. We've already done all the work of writing a library that implements the protocol details; all you have to do is integrate it with your application. Not that that's trivial, mind you; there can be a number of finicky issues ranging from issuing a browser redirect in the middle of your app's login sequence to making sure your authorization database can use OpenID identifiers, but $5k isn't so trivial either. Even for the size of applications the bounty program is targeting (deployed instances of your application must have a total of 200k users), $5k pays for a lot of developer resources or hosting costs.
But one of the neatest things I've seen this week is this:

That might not look like much to you. It's a screenshot of a web page that isn't all that visually interesting. But it's interesting to me because the web page is an application I wrote. It tests the functionality of OpenID servers, and the guy who took the screenshot is using it against a server in China, and the tests are passing, and this is significant enough that he puts the adorable toddler pictures aside for long enough to post the news to Flickr.
So, yeah. The openid.cn guys blog in a language I can't even begin to read, but it looks like they're using our software. To build their software. On the other side of the world. Hooray for world domination!
(The Buttermilk Chicken Spinach Salad, by the way, is from the new Macadam's Bar and Grill. Fried chicken and strawberries on a bed of spinach with a berry vinaigrette. As Dave Barry would say, I Am Not Making This Up.)
July seems to be the month of renewing subscriptions. My e-mail host, my domain names, and, among other things, my LiveJournal account.
If you happen to be coming to Portland for OSCON, look us up. We may not have a talk scheduled until Friday, but there's lots of time for OpenSpace there with no four-digit price-tag required.