OpenID: Emerging from Web 2.0
At the Web 2.0 Expo in Berlin today, David Recordon from Six Apart gave an energetic talk entitled “OpenID: Emerging from Web 2.0″. David is Vice-Chair of the OpenID Foundation, and in this session he gave a comprehensive overview of OpenID, its current use on the internet, and the direction that it might take in the future.
Using his own website as an example, David showed how easy it is to link your identity to your personal home page – just two simple lines of code that will also give you the freedom to switch OpenID providers without changing your ID:
<link rel="openid.server" href="https://pip.verisignlabs.com/server" />
<link rel="openid.delegate" href="https://(username).pip.verisignlabs.com" />
He opted not to get too technical, and did not go into much detail on the OpenID authentication protocol itself, or the cryptography behind it, but focused instead on the functionality and potential implementations. While the technology has been around for a couple of years now, the use of OpenID has seen a surge lately, as companies like AOL and Orange assign an OpenID to all of their users. This is driven by the increased availability of OpenID as a means of authentication in web applications, e.g., Ma.Gnolia and BaseCamp, and by the inclusion of OpenID libraries in modern web frameworks, such as Ruby on Rails. David outlined how the development was influenced by the Linux software philosophy “do one thing and do it well”, thus allowing services and tools to built on top of OpenID, leading to unlimited potential.
Most people will agree that the widespread adoption of OpenID can only be a good thing, but it poses the question as to whether or not the concept a URI as a username is too much for ordinary users? I will confess to being mystified by the process at first, and the long list of OpenID providers to choose from was daunting. Regardless, it will be very interesting to see how OpenID develops, and whether or not it becomes the powerful standard that David and Martin envision.