So, you’re on the web (or you wouldn’t be reading this) and you need to identify yourself to various web services and to various web readers, many of whom are real human beings. I was enthusiastic about OpenID a few years ago. But OpenID resonated with only a small and rather specialized subset of people.

Most people want to use an online identity they already have, or are already considering having, rather than forging a new “one identify to rule them all”. That cuts the field down rather drastically.

Maybe you want an identity that is lightweight, in the sense that it doesn’t carry the burden of private information. That’s an argument against Facebook, which seems to want to be your identity and to gather somewhat private stuff about you.

Fred Wilson argues that the lightweight criterion suggest Twitter as identity provider.

Twitter is default public and everyone knows that’s what it is. Your Twitter identity is the lightest weight, most public, and therefore the best identity on the web.

I’m inclined to agree with Fred. How about you?

Three years ago, I was pretty enthusiastic about OpenID.

Those of us who use (or at least try) too many web services tend to regard OpenID as good news: it means that each of us can sign in to one service in order to access multiple services… Now we get to the bad news. Most of the services I use don’t accept OpenID.

The bad news never went away, and is in some ways getting worse. 37signals will cease to support OpenID on May 1.

There are at least three other strikes against OpenID, besides the fact that many sites don’t accept it. Your ID is a URI, which might seem a little weird unless you are actually a web page. That URI can seem like one more thing to keep track of, bookmark, etc: the OpenID as well as the sites you use it to access. And what do you do when your OpenID provider is down?

So, more and more, we see web services inviting us to sign in using our credentials from one of the big sites, often Facebook. This may seem a little like using the one ring forged in, and always owned by, Mordor.

But we do have our choice of lords of the login. Mike at RWW recently noted that LinkedIn is growing as the login of choice for business-to-business (B2B) sites. He deduces from this that “users prefer certain identities for certain online activities.” So maybe Jekyll and Hyde is a better literary reference than Lord of the Rings when it comes to logins.

Those of us who use (or at least try) too many web services tend to regard OpenID as good news: it means that each of us can sign in to one service in order to access multiple services. For example, I use ClaimID as my OpenID provider. Once I’ve signed on their, I can use the OpenID it provides me with to sign in to services such as Highrise and…

Now we get to the bad news. Most of the services I use don’t accept OpenID. For example, if you wanted to comment on this post, having an OpenID wouldn’t help you, because WordPress.com doesn’t accept them. It does issue them, though; indeed, I tend to use the OpenID associated with this blog when I leave comments at Blogger, which does accept OpenIDs.

Many have argued against sites providing, but not accepting, OpenID. I did so, rather gently, and with reference to WordPress, about a year ago. Today, Mike Arrington made a similar argument, but rather more vigorously and with reference to web bigcos, today.

The problem… is that the Big Four Internet companies… have made big press announcements about their support for OpenID, but haven’t done enough to actually implement it. Microsoft has done absolutely nothing, even though Bill Gates announced their support over a year ago. Google has limited its support to Blogger, where it is both an Issuing and Relying party. Yahoo and AOL are Issuing parties only.

… Putting my conspiracy theory hat on, it looks to me like these companies want all the positive press that comes from adopting this open standard, but none of the downside. By becoming Issuing parties, AOL and Yahoo hope to see their users logging in all over the Internet with those credentials. But they don’t accept IDs from anywhere else, so anyone that uses their services has to create new credentials with them. It’s all gain, no pain.

Meanwhile, the service that I’d really like to get my OpenID from doesn’t issue OpenIDs – or accept them. It’s FriendFeed: here’s my FriendFeed. An OpenID is actually a URI, and the FriendFeed page is as good an identity page as any.

Hey, I just remembered reading the news that FriendFeed now has an API. Someone should set up a service that issues you an OpenID and gives puts stuff from your FriendFeed on your page.

OpenID: BigCos on Board

February 7, 2008

This morning the OpenID Foundation announced that Google, IBM, Microsoft, VeriSign, and Yahoo! have joined the board. This is good news, since OpenID is good.

However, there are limits to the goodness of the news. As Michael Arrington points out:

OpenID looks like it’s going to be a winner, so big companies making their user accounts OpenID compatible is a good hedge. Everyone, of course, wants to be an ID issuer, since they get to “own” the user. Less attractive is allowing users from other sites to log into your services, so don’t expect that functionality to come for some time.

Your portadentity is your identity, portable across web services. You probably haven’t heard the term before, because it just occurred to me, and Googling it yields no hits. The concept may well be familiar, since it has received a lot of coverage in the last month or so. A recent example comes from yesterday’s Financial Times.

It is a frustrating fact of modern internet life. Users of websites such as Facebook and Google spend hours building up and maintaining friend lists and e-mail address books, but when it comes time to move such social information to another online service they frequently find it impossible to get their data back out. Instead, they must start re-entering their personal details from scratch.

Another statement of the problem is the Smashcut video. It provides part of an argument for “data portability.” I don’t find that term very useful, but suspect that we are stuck with it, and regard it as a price worth paying for the achievements of the Data Portability Working Group (DPW).

At the heart of data portability is your identity. The DPW, consistent with its policy of using existing standards, uses OpenID for digital identity. Your OpenID, together with the data attached to it, is what I’d call your portadentity.

Today’s big news about the DPW is that Microsoft has joined. Read/Write Marshall reacts as follows. Microsoft’s joining the group is an event of sufficiently complex historical meaning that I’m hesitant to try and interpret it here. I won’t try to interpret it either.

I’m more inclined to spend my interpreting energies on Matt’s statement yesterday about Automattic’s vision of a better web not just in blogging, but expanding our investment in anti-spam, identity, wikis, forums, and more. I added the emphasis on identity.

Here’s what I hope Automattic will do about portadentity… all right, data portability.

  • Appoint someone to the DPW.
  • Make WordPress.com a consumer of OpenIDs. It’s currently a producer only.
  • Make it clear where Gravatars might fit in to all this.

Yahoo and OpenID

January 17, 2008

Yahoo implements OpenID… or does it? Read/Write Marshall asks the key questions.

Though there’s every reason to hope that today’s Yahoo! announcement will lead to ongoing, meaningful advocacy of OpenID by the company and then a future wherein Yahoo! sites accept OpenID from other providers – there’s also plenty of reason to be concerned that neither will occur and that Yahoo! interests are really only served by spreading the use of Yahoo! ID further around the web.

Google Profiles

December 16, 2007

Yesterday, I realized that I had something called a Google Profile, and that it was linked to my Google Reader account. Today, several of the blogs to which I subscribe using Reader included posts about Google Profiles. One of these, GigaOm, directed me to its colleague Web Worker Daily.

The post at WWD, by Mike Gunderloy, is pretty good, raising some interesting questions. A Google Profile “is simply how you represent yourself on Google Products” – but what are the future plans?

I’m not sure why I’d want a profile that was limited to Google products. I do want a profile that spans products, but I also want a profile that spans vendors.

I’d like to know how Google Profiles will be related to standards such as OpenID. Without a good story on that, Google Profile will begin to look like Microsoft Passport.

Follow

Get every new post delivered to your Inbox.

Join 97 other followers