I remember Mr. Smarr's talk about OpenID and OAuth from a couple of years ago. I got the impression that his biggest fear was that Facebook would always be a walled garden. For reasons I don't quite understand, perhaps a sort of social consciousness (no pun intended), Facebook has opened their platform up, albeit in a limited and proprietary way.
Fortunately, there are companies like Google and JanRain who are hiding the differences between the Open Stack and Facebook's APIs. First, let's have a look at the Open Stack proper.
- OpenID for authentication
- OAuth for authorization
- XRD a service discovery protocol
- Portable Contacts (self-explanatory)
- Open Social
JanRain has RPX, and Google has FriendConnect, so using the OpenID/OAuth stuff is easy without really knowing a lot. What is needed is a way to marry the existing authentication stacks of all the common web platforms (ASP.NET, PHP, etc.) with the Open Stack, I think.
For more information, here are some blogs: