One thing Nathan and John have been working on under the hood of the Creative Commons Network over the last couple of months is a promotional code system which gives us (and you) more flexibility when purchasing account subscriptions.
Starting today, when you donate $50 or more to Creative Commons ($25 for students), you’ll be sent an e-mail with a link will let you either renew your current CC Network account, or sign up with a new one.
This promo code can be used by you, or if you want, you can gift it to a friend by just forwarding them the email with the link.
Just remember, individual promo codes can only be used once so use them wisely!2 Comments »
Chris Messina on OpenID: the unseen branded revenue opportunity:
What better way to both support Creative Commons and show off your patronage than by identifying yourself across the web with your very own unique, secure, privacy-protecting creativecommons.net OpenID (just like Zach Beauvais)?
For a mere $50 minimum donation ($25 for students), you can own a limited edition URL and profile from Creative Commons that identifies you to the world and provides a compelling revenue opportunity for the non-profit foundation.
While companies like SAP become OpenID providers for pedestrian reasons like simplifying authentication across their many different distributed web properties, Creative Commons is redistributing the brand equity and social capital their members have accrued over the last several years by letting people show and verify their affiliation to the organization.
With this simple example, we can start to see the symbiosis of making an intentional choice about identity: Creative Commons finds a new revenue opportunity and members of the community have a way to express their affiliation and promote the brand.
Perfectly explained. Do read the whole post, including the part where Messina calls CC Network “a truly inspirational approach”. Thanks Chris!
Also see Read Write Web’s take on CC Network, following up on Messina’s post.
CC Network also has other features that complement its identity and affiliation stories — see our posts from last fall launching the service, explaining our technical approach to CC Network’s OpenID security, and CC Network and web-centric copyright registries. On the last, see our CTO Nathan Yergler’s recent update from the third CC technology summit.5 Comments »
Over the last year I’ve been fortunate enough to work with individuals, organizations, and movements as Creative Commons’ Outreach Manager. Starting this week, I will be applying this experience to a new role at CC as our Product Manager for the Creative Commons Network. I’ll still be working in NYC and free to meet about CC, but will be primarily focused on developing new features and tools for our community.
For those of you who haven’t heard of it, check out our press release and post announcing the network in October, and for those of you who have already joined, we should have some exciting announcements for you by the end of the year.
You can also join the CC Network now by donating.
For now, if you have any thoughts, suggestions, or questions about the Creative Commons Network, please don’t hesitate to get in contact: fred [at] creativecommons.org.2 Comments »
We hosted our second community conference call last Wednesday, May 27. Donors were invited to join members of CC’s staff and board, including CEO Joi Ito and new Board Chair Esther Wojcicki, to discuss organizational updates, including CC Zero, GreenXchange, the future of the CC Network, and an update on the Wikipedia migration to CC BY-SA. We also took questions and comments from participants. The call was a great success and a valuable opportunity to reach out to and connect with our supporters; we will continue to host community conference calls on a quarterly basis, and anyone giving $250 or more will be invited to take part.
An audio recording of the call is now available online. Thanks to everyone who participated, and as always, we would like to extend a big thank you to all members of our community for your continued support!2 Comments »
Once again we’re offering a special deal for CC Network members (25€ off the regular price). The Technology Summit is being organized in collaboration with NEXA Center for Internet & Society and the timing makes it possible to attend two great Commons events in the same place — the 2009 COMMUNIA Conference is taking place two days after the Technology Summit. If you’re already attending COMMUNIA there’s a special registration deal for you, too.
If you have any questions, just email firstname.lastname@example.org Comments »
Last month we rolled out a brand new look for CC’s homepage, and promised that other changes would follow. Staying true to our word, we now invite you to check out our redesigned wiki, which boasts a much sleeker and more user-friendly interface and look. The wiki is home to the CC Case Studies project, upcoming event information, resources for software developers, and much more.
The wiki is designed to get you involved and collaborating with us; anyone with an account or an OpenID can login and add to certain pages. If you’re a member of the CC Network, your profile acts as an OpenID. Not yet a member? Support the work of Creative Commons and join the CC Network today to get an OpenID!
We need your contributions to continue developing this wiki into a valuable community resource, so check out the Getting Started page and jump right in!1 Comment »
One of the key benefits of becoming a Creative Commons Network member is the OpenID login feature. In this blog post, we’ll cover the basics of OpenID and why having a Creative Commons Network OpenID is particularly interesting to users who care about their privacy. We’ll also point out the risks of using OpenID and how you can mitigate them.
OpenID and Password Insanity
By now, even casual web users are encountering password fatigue. Though it isn’t ideal from a security standpoint, it becomes necessary to reuse passwords across sites when possible. One increasingly popular alternative to this password insanity is OpenID. With OpenID, a user creates an OpenID account at one of many available OpenID providers, e.g. http://creativecommons.net/. The user is then assigned an OpenID URL, e.g. http://creativecommons.net/ben. Then, when logging into a web site that supports OpenID, the user simply submits his OpenID URL, is automatically redirected to his OpenID provider where he logs in with his one OpenID account, and is finally redirected back to the original site, automatically logged in. One OpenID account lets you log in to any web site that supports OpenID logins.
There is always a risk to centralizing significant security information in one place: the place of centralization becomes an attractive target for attackers. Beyond that, there are some risks specific to OpenID given the current state of the Web:
- Users are required to place significant trust in their OpenID provider. An OpenID provider can trivially impersonate any of its users to any web site it chooses. In other words, it’s important to choose an OpenID provider you trust.
- When OpenID URLs are not protected by SSL, OpenID is vulnerable to various kinds of DNS attacks, which, as we know from recent developments in DNS security, are significantly more realistic than many realize.
- The OpenID protocol expects the relying party (i.e. the site to which the user is logging in) to redirect the user to her OpenID provider, when the relying party may not always be trustworthy. As a result, a number of security experts believe that OpenID increases the risk (and improves the efficacy) of phishing attacks against OpenID users. This is particularly relevant when the OpenID provider provides password-based authentication, which is the case for most OpenID providers. This can be mitigated by using a browser extension such as Verisign’s OpenID Seatbelt which takes you directly to your provider and providers a visual indication that the page you’re on is indeed the page where your password can be safely entered.
- An OpenID provider is involved in every act of authentication that its users perform. This has significant privacy implications, as the OpenID provider can easily determine its users’ Internet usage patterns. This private data might be leaked if a security breach occurs, or if the OpenID provider is subpoenaed for information.
Mitigating OpenID Risks
We believe that Creative Commons is well positioned to provide trustworthy OpenID functionality. That said, we only recommend that you use Creative Commons as an OpenID provider if you do indeed trust Creative Commons.
To address the remaining risks, Creative Commons has made the following design decisions in its implementation of OpenID:
- Creative Commons profile URLs are only served over SSL — any request over plain HTTP is redirected over SSL. We recommend looking at your address bar to make sure you’re connected over SSL when logging into web sites with your profile.
- Creative Commons strongly recommends that you verify the URL that you are visiting before you enter your Creative Commons Network password. We have also taken care to ensure that you need not enter your password repetitively when visiting sites you already trust. Thus, by reducing the number of situations where users are expected to enter a password, we hope that users will be more vigilant on those few occasions where a password is requested.
- Creative Commons commits to keeping only minimal and recent logging information about its users’ authentication activities, and to never share this logging information (except in cases where we are legally required to do so.) Thus, if a breach occurs, attackers will have only minimal data about our users’ Internet habits.
As always, we welcome all comments, and we hope you’ll find Creative Commons’s support of OpenID a useful service!Comments Off on OpenID and the CC Network
One of the most substantial challenges when working with digital media is the effort required in preserving it and documenting its existence. Hard drives fail, DVDs crack, and servers are taken down. Anticipating and mitigating these inevitable failures has helped cement a culture of redundancy in our private information technology infrastructure, but what of the commons? Projects and features like Archive.org’s Way Back Machine, Google’s Cache, and Wikipedia’s history, all provide glimpses of what once was on the Internet, but what happens when you need to verify that a work was released under Creative Commons?
I had saved a handful of his photos to my hard drive, and checking another one, it also had been “taken back.” I left a comment on the one photo, pointing out this change in licensing. Terry’s work receives lots of comments on Flickr and this picture was posted almost a year and a half ago, so I didn’t expect much in the way of a response, but he sent me an email thanking me for my comment and saying, “Yes I had to change the rights as I started finding my photography being used without my permission for advertising and other professional media.”
As you may or may not know, CC licenses are irrevocable, but this doesn’t mean creators can’t cease offering a work under the license. When a licensor changes the license of a work (whether it is Creative Commons or otherwise) it simply means that whomever comes across the work in the future will be bound by the new terms and not the older ones. It does not mean, however, that the older licenses are invalidated. For more information about this read our FAQ.
As for the question of verifying whether a work was ever released under a CC license, the innovative ImageStamper.com can provide this exact service for flickr photos. We used ImageStamper to time stamp all 157 photos used in Jesse Dylan’s ‘A Shared Culture‘ so that we would have proof, going forward, that a particular work was released under a given license. WebCitation.org‘s archive feature provides essentially the same functionality for any given webpage and also provides a permanent URL for the snapshot.
Ultimately, this is the exact question we were interested in answering by creating the Creative Commons Network. Instead of providing proof of others choice to use a CC license, you can use the Creative Commons Network to show the world that both Creative Commons and you have verified that you’ve released a work under CC.1 Comment »
Yesterday we launched The Creative Commons Network as part of our annual campaign. On the surface the CC Network is simple: it acts as a premium for supporting Creative Commons and gives supporters a way to tell the world that they support CC and Free Culture. But it’s also designed as a platform for exploring digital copyright registries. If you were at the CC Technology Summit in June (or watched the video from it) you saw that there are lots of people working in this “Copyright 2.0″ space. The conversations I’ve had about registries over the past year often start with the question, “how does someone with a photograph they downloaded off the web determine who owns it?” That’s a question we want to be able to answer and that people such as Safe Creative, Registered Commons, Image Stamper, Attributor and others are working on different approaches to. But there’s an implied question underneath: “How do I take a photo and determine who claims to owns it? And how do I know if I should trust that claim?” That question of trust is one we’re looking at with the CC Network.
Let’s start at the beginning. When you select a license, Creative Commons doesn’t store that selection; it’s up to you, the owner to publish that information. To help you with that we generate some HTML you can paste into your web page that includes the license. Including that HTML is essentially a claim of ownership; it says “I’m offering this work under a license, and I can do so because I own the necessary rights to do so.” It may say other things, too, such as how you want to be attributed for re-use, but everything else hangs off that ownership claim. To date, short of contacting the creator directly to ask for some sort of verification, you’ve had to rely on context to help decide whether you trust the claim: is the claim published on site who’s name matches the name of the author or is it on a public, anonymous host like geocities? What’s my risk profile look like? The CC Network adds another piece of information to the decision making process.
A CC Network account has two relevant pieces: a badge you can include on your page that points back to your profile and a simple work registry where you can claim works you’ve created and made available under a CC license. The badge [unsurprisingly] includes embedded metadata that associates your CC Network profile with the work it’s on. The work registration pages also include metadata about that relationship. So now we have two pieces of information — one from each side — making mutually reinforcing assertions, so we have reason to trust the claim. By itself this is just a claim of ownership — it still doesn’t tell us who owns the work. After all, why wouldn’t I just create an account for my favorite band on the CC Network, post some of their tracks on my site and claim they’re licensed? This is where supporting CC financially can help you as a creator.
When you give to CC, your name is verified by PayPal and that information is passed back to us when the transaction completes. We store that with your profile as your name and display it on the license deeds when someone clicks through from a registered work. So when you’ve licensed your work, registered it with the CC Network and added the badge, your name — verified by making a contribution — shows up on the license deed.
If this were the end of the story it’d be of limited interest: another one-way, closed system for solving the problem. The most exciting part of this (for me) is that this system doesn’t actually rely on CC licenses or the CC Network at all — it’s all driven by metadata published with the work (on the network badge in this case) and with the registry (on your CC Network profile). We think the CC Network is a pretty good start but you can easily imagine other implementations that add even stronger assurances of identity: maybe one site implements web of trust, or another requires that creators show up in person with identification before becoming members. Yet another might also provide insurance backing up the claims. And applications — of which the license deeds are only one — can communicate this information to users, boosting their trust in the claim being made.
Since the beginning Creative Commons has made machine readable license information a “first-class” representation of the licenses. Because of that history and your support, we’re now in a position to continue building an infrastructure that allows creators flexibility and choice. If you haven’t already, I hope you’ll join CC now and support the commons.1 Comment »
Creative Commons has now officially launched its 2008 fundraising effort – our Build the Commons Campaign. Many skeptics think this is a precarious time to launch our major fundraising initiative; we disagree. This is an opportunity. An opportunity to call our community members to action – to help us make sure that the Commons continues to grow and be supported. These times demand creative problem solving and innovation on a global level – innovation that stems from collaboration and knowledge exchange, both of which are facilitated through access and sharing, and all of which are made possible by the Commons.
Since I started at CC, I’ve made sure that our annual campaigns (I can’t believe this is my third!) have always had two goals. The first is to raise a large sum of money from our community members (this year’s goal is $500,000) by the end of the year. The second, and in my opinion more important of the two, is to build awareness and community. The Commons is only as strong as the community behind it, and only by working together can we build a Commons that withstands the challenges of this generation and those to come. With this campaign, we’re asking that you help us Build the Commons by using CC licensed works and CC licensing your own work, educating others about the value of the CC approach to openness and access, and lastly – by joining the CC Network.
We are launching several cool things in conjunction with the campaign, and at the top of the list is the chance for you to join the CC Network. By joining, you will become part of a worldwide community dedicated to building the Commons and bringing open content to all corners of the globe. When you join you receive several benefits: a profile page where you can list your CC licensed works; an OpenID you can use at many different sites; and a button you can put on your work’s page to show you’re part of the CC Network. The button shows your support Creative Commons and allows us to add provenance information to the deed when people click through from your work.
We’re also launching the CC Video Project, where we’re asking you to produce a 90-second video that explains why you’re a Creative Commons supporter. So get creative and let the world know why you think what CC does is important. As the commons continues to grow, it’s important that we capture the stories of the community responsible for building it. Creative Commons has only succeeded because of the incredible work that you do. We want to hear and share your stories. How CC has helped you create, access, and collaborate?
This project happily coincides with the release of Jesse Dylan’s new video “A Shared Culture” which is an incredible short that features members of the Creative Commons board talking about the work we do and why we do it. Maybe you’ll choose to use Jesse’s video for inspiration. Maybe you’ll even take some of what he’s done and remix it, mash it up, or sample it in your own video. Whatever you make, be sure to let us know about it – we want to highlight all of the interesting people and stories out there. Check out the CC Video Project page for details on how to participate.
In addition to joining the CC Network and participating in our video project, there are many ways to support CC. Our financial goal is to raise $500,000 – a lot of money, I know, especially now; but any amount you can give makes a difference. You may even be able to double the value of your contribution by taking advantage of your company’s corporate matching gifts program. When you give to CC, you play a central role in helping to sustain the CC infrastructure, enabling us to continue our work maintaining and improving the existing tools and resources that millions of people use and rely upon.
As I said before, CC is around and important thanks to you and what you do with it. The livelihood of the Commons relies upon its community members – the builders, users, and supporters of the open web. If we don’t come together, and if CC is not sustained, the Commons runs the risk of stagnation and restriction – the antithesis of innovation, and innovation is so desperately needed right now. Help us make sure the Commons remains strong and continues to grow by taking part in the campaign today!Comments Off on Help us build a shared culture: CC’s annual fundraising campaign launched