Feb 16

Seems the ball has really started rolling on this one. According to O’Reilly (http://radar.oreilly.com/archives/2007/02/aol_supports_op.html) AOL has started supporting OpenID for AIM users. It’s only a matter of time before Google’s on this one.

I had a look at the OpenID specs to get a decent understanding of exactly what the protocol was about. There is nothing there that can really be hijacked and made proprietary. Anyone who has worked on web applications such as portals whose services need to rely on a shared identity will instantly recognize the pattern in a collaboration diagram. I slapped one of these together for myself just as a matter of interest (a picture tells a thousand words). I’ll put up a post this weekend explaining the interaction.

The interesting thing here is going to be how exactly the scheme is going to be promoted/adopted. OpenID requires that every identity corresponds to a URL - at present AOL/MSN/Google accounts all correspond to an email address. Watch this space.

Posted in open id | No Comments »
Feb 8

Microsoft today threw their weight behind OpenID (http://openid.net/) a distributed framework that helps users to identify themselves on the net in a uniform way.

http://news.bbc.co.uk/2/hi/technology/6339813.stm

The importance of this cannot be understated. The idea of a single sign-on to the net is The Way Forward. The problem with attempts in the past lay with the issue of who exactly controlled the information and where is was stored. Previous attempts at single identity schemes such as Microsoft’s own Passport relied on a person’s willingness to hand over management of their identity to someone else, leading to suggestions of Big Brother.

The beauty of the OpenID scheme is that a user registers their identity with an OpenID Provider which they can either run themselves or alternatively defer to a 3rd party. The MS move is important because it signals their intent to use this as the basis of future identity services, such as their InfoCard initiative. Not only would this mean that the scheme will become exposed to the mainstream via a large base of applications via the MSN/Passport network, but it may also mean that existing Passport users automatically become members of OpenID. Does this mean that web app developers should abandon their own username databases? I don’t claim to know the answer, but foolhardy is the developer who ignores this one.

Watch this space.

Posted in open id | 2 Comments »