Log in

No account? Create an account

Previous Entry | Next Entry

Relying on the Big Companies for OpenID?

Last night Mike Arrington of TechCrunch gave me a call wanting to chat a bit about OpenID adoption when it comes to sites you can login to with your OpenID (aka Relying Parties in identity speak). The crux of his question to me was if the big companies are doing their share to contribute to the OpenID ecosystem or if they're rather taking more than they're giving -- in the form of good publicity -- by not also becoming relying parties. As he pointed out this morning in his post "Is OpenID Being Exploited By the Big Internet Companies?", with the exception of Blogger from Google, all four of the big internet companies are at best only acting as OpenID Providers. While I am very supportive and encouraged by the work AOL, Google, Microsoft, VeriSign, Yahoo!, and others have done with OpenID, I do agree that it is healthy to be skeptical around public promises to support a technology when after a year some of those companies haven't followed through.

What I think is missing in this conversation is to look at what these companies have done, beyond just increasing interest, engagement, and general adoption of OpenID. Peter Nixey of Clickpass talked about how we shouldn't, "underestimat[e] the impact that even the current announcements have made". One notion that I'm really excited about is how it is now reasonable for relying parties to assume that just about any user showing up to their site already has an OpenID from AOL, Yahoo!, or one of the other large services that provides OpenIDs. Yes, there are education and usability hurdles around getting "normal people" to understand (or just use) OpenID on a daily basis, but the efforts that Yahoo! and Clickpass are taking in making their Providers dead simple are truly encouraging!

As I mentioned to Mike last night, one of the things I love about OpenID is how it really lowers the barrier to entry around new innovations in the authentication space. Companies ranging from the likes of Vidoop who are trying to kill passwords to Microsoft who is trying to tie web authentications to the desktop with CardSpace are both able to just focus on what they're good at; not trying to get every site on the internet to support their specific technology. Rather, they can use OpenID as a building block -- an enabling technology -- to gain adoption and iterate quickly. This holds true to individuals as well who can build Providers even just for themselves, maybe with authentication tied to their hacked Linksys router in their home closet.

While Mike is true that the footprint of open source relying parties don't yet add up to any of the big companies, it is great even just seeing OpenID relying party libraries on every Mac that is running Leopard! These open source tools (django, Drupal, Joomla, MediaWiki, Movable Type, phpBB, Plone, Ruby on Rails, and WordPress.org to name a few) are providing the building blocks to power large communities and new services that wish to accept OpenID logins.

Mike, thanks for asking the hard questions and bringing this aspect of supporting OpenID back to the forefront of conversation!


( 9 comments — Leave a comment )
Mar. 24th, 2008 08:30 pm (UTC)
I like your title
And yeah, it was good of Mike to draw some more attention here!
Mar. 25th, 2008 05:34 am (UTC)
Thanks David.

It's great to see TechCrunch stirring the pot but ironically the real win with OpenID won't be when Google, Yahoo or Facebook become consumers. Most people know and remember their Google and Yahoo passwords already.

The almighty win will be when Safeway, American Airlines, Best Buy and every other place you visit once a month or once a year adopt OpenID.

Having the big guys lead the way pulls people along in their wake and has a huge validating effect but it's shepherding the rest through that'll have the biggest impact on users.

That said, even if the utility is flowing bottom-up, the validation does need to come top-down and it's important that pieces like this shake things up a bit.
Mar. 25th, 2008 01:30 pm (UTC)
OpenID is DOA
OpenID has been in tech-land for too long. Perennially in mental-beta it's time for the marketing and product people to step in and make something useful that regular people can use. I can't believe I just said that but it's true. The building blocks are crude and mysterious for the most part. Painless installs? Not by my account.

OpenID adoption is painfully slow, where is the person/company who is going to kick off the big push? Providing ID's from multiple parties, while an interesting idea, is hindering adoption for most people. they see it as "I can log into this site by providing one of many website addresses? I don't get it."

Time for a reality check from regular Internet users, otherwise OpenID is DOA.

Mar. 25th, 2008 01:59 pm (UTC)
Re: OpenID is DOA
Most of the OpenID-enabled sites today treat OpenID as "nice feature for those who know it, but irrelevant to others". Okay for us, but it doesn't help spreading the news! But why should the "big four" spend marketing budgets on something that isn't their product?
Mar. 27th, 2008 01:13 am (UTC)
Mar. 27th, 2008 01:33 am (UTC)
Lower Authentication Barrier
I really appreciate you sentiment here. The simplicity of OpenID is a great thing. Because many developers can easily toy with OpenID in different context, the technology concept is applied in some interesting was.
Mar. 31st, 2008 02:48 pm (UTC)
Open Source list
I can't believe you've missed Barnraiser and AROUNDMe http://www.barnraiser.org/ off the list again;)
(Deleted comment)
May. 2nd, 2008 06:34 am (UTC)
Definitely, I'm super excited about you guys! I posted on OpenID.net about it yesterday. http://openid.net/2008/05/01/sourceforge-allows-openid-logins/
( 9 comments — Leave a comment )