Skip to content


OpenID

I’ve been following OpenID for many years. It seems to finally be breaking out in the area of federated ID management.
What problem does it solve? Well just ask yourself how many ID’s and passwords you have. It’s a pain. How many have you forgotten? Are there more forgotten ones than there are active ones? (For me the answer is a big yes even though I do try to stick with a limited variety of them.)
OpenID attempts to create a secure space to manage your identity while protecting the rights of others. You can use your OpenID on any one of a growing number of sites (nearly ten-thousand) which support OpenID. Over the past few months some of the majors have signed on. I think this is the equivalent of the time when the browser wars ended and everyone adopted a more or less common standard. Here are a few:
Google
IBM
Microsoft
Yahoo!
Verisign
Wikia
SixApart
CNN
Drupal
Plaxo
Technorati
LiveJournal
AOL
On Feb. 7th the OpenID Foundation announced that Google, IBM, Microsoft, VeriSign, and Yahoo! had joined the board. “The OpenID Foundation was formed in early 2006 by seven community members with the goal of helping promote, protect and enabling the OpenID technologies and community. [This] announcement marks a milestone in the maturity and impact that the OpenID community has had. While the OpenID Foundation serves a stewardship role around the community’s intellectual property, the Foundation’s board itself does not make any decisions about the specifications the community is collaboratively building.
Last year, OpenID grew by leaps and bounds both as a technology and as a community. At the beginning of 2006, there were fewer than 20-million OpenID enabled URLs and less than 500 websites where they could be used. Today there are over a quarter of a billion OpenIDs and well over 10,000 websites to accept them. OpenID has grown to be implemented by major open source projects such as Drupal, cornerstone Web 2.0 services such as those by 37signals and Six Apart, as well as a mix of large companies including as Apple, Google, and Yahoo!. Today is about truly recognizing the accomplishments of the entire OpenID community which has certainly grown beyond the small grassroots community where it started in late 2005.
So what does this really mean? In the past few months respected bloggers, analysts, and marketers have been writing about how OpenID needs to start being explained clearly, so that it can actually become a mainstream technology. We started this process late last year by cleaning up the website, making it far more accessible and useful to a wider range of people. At OpenID DevCamp there was a focus on OpenID usability and the implementation of Yahoo! OpenID Provider clearly shows that a lot of thought went into making it clear and comprehensible to those who aren’t geeks.
One of the other accomplishments of the Foundation last year was working with AOL, Microsoft, VeriSign, Sun, Symantec, and Yahoo! to develop an intellectual property rights policy and process for technical OpenID specification work which was finalized in December. While all of these community accomplishments have been great, each was made possible by the community’s willingness to include the resources of companies alongside the efforts of individual contributors.
By bringing on these companies and their resources, the OpenID Foundation will now be able to better serve the needs of the entire OpenID community. In 2008, we can expect to see a larger focus on making OpenID even more accessible to a mainstream audience, the development of a World-wide trademark usage policy (much like the Jabber Foundation and Mozilla have done), and a larger international focus on working with the OpenID communities in Asia and Europe. Awesome!”
This is a major initiative that all libraries should be watching. By integrating into the ID/password simplicity movement we will help improve the user experience for our users. We also need to participate in the development to ensure our users’ privacy and rights are protected too. We need to understand this development very well. Are libraries ready to participate with OpenID? Anyone out there already signed on? Anyone out there with a personal or organizational membership?
Stephen

0 Shares

Posted on: February 18, 2008, 10:43 am Category: Uncategorized

2 Responses

Stay in touch with the conversation, subscribe to the RSS feed for comments on this post.

  1. Here’s a question/concern I have about OpenID. What if I had one key for every door I was authorized to open in my life: front door, office, safe deposit box, etc. And I lost that key. Or, even worse, someone stole that key from me.
    In what way is OpenID any different?
    A second related question. When I’m logged into Google and I do something, Google is recording my online behavior. When I’m logged into a service with OpenID, are they doing the same? And are they allowed to sell that tracking to advertisers? If so, you can see the implication whereby OpenID becomes a global tracker of online behavior, if every service I log into on the web is through OpenID’s authentication.
    Not try to sound like a conspiracy theorist; I want to be convinced otherwise.
    +++++++++++++++++++++++++++++
    I assume you read the site. How do you lock your home?
    I agree that these questions should be asked and librarians should participate in the development of OpenID. Standing back and waiting to be convnced instead of participating is one reason why libraries play catch up or stay behind the curve.
    SA

  2. I have an OpenID account–I just don’t use it for alot of things because of the unresolved issues I enumerated.
    If Congress would ever get around to passing basic internet privacy/data portability legislation, I might be more willing to take the OpenID plunge.
    I don’t think my concerns–which, regrettably, have been considerably muted or absent from other corners of the blogosphere–necessarily cast me as a technophobic reactionary. I understand the convenience OpenID and other models of data centralization bring. But I also wonder if that convenience comes at a price. To wit:
    http://tinyurl.com/2pa6yv
    And realistically speaking, I’m just a lil ol’ librarian. The people who need to be asking these questions and participating in the development of OpenID are, frankly, people like yourself, who have a higher profile. Yes, we all have a voice. But I think we can both agree that some voices are louder than others.
    “I assume you read the site. How do you lock your home?”
    I don’t follow your question–but I would clarify the analogy to say that I have one key to open all the locked doors in my life.
    As to the other question, I don’t read your blog regularly–I was redirected here from another library site. So my apologies if you’ve raised this issue before. If you have, please direct me to that post or series of posts–I’m interested in learning more!
    ++++++++++++++++++++++++++++++++++++++++++
    I agree that more people should be questioning the OpenID trend. I really worry about the lack of privacy protection in the US. One recent survey placed it last. I’ve been invovled in many of the issues as president of OLA, CLA and SLA. As a lil ol librarian myself, I know that anyone can make a difference – especially if we use our associations effectively.
    On the opther hand I worry that technology can lock up and lock down learning and conversation too becuase it can (to wit DRM and USA PATRIOT). We are losing rights because of too aggressive lock downs and we are losing some library users to sites like Amazon where end users can manage their own identity rather than having a library worker make that decision for them on the library site. That was the key metaphor. There are plenty of ways to make a house burglar proof and we generally go with “good enough’ rather than perfect and our lives are our most valuable possssions. I worry that because we can use tech to do supposedly perfect security we lose something in the process.
    Stephen