The message carried some very interesting tidbits about future OpenID developments with Google. Sachs recommended using Portland-based JanRain’s RPX solution for OpenID.
When a company like Google recommends using Portland-based JanRain for OpenID implementations that that just lends credence to my argument, doesn’t it?
thanks to the efforts of Portland-based JanRain, even the good old brick and mortar companies like KMart and Sears are jumping on the OpenID bandwagon.
Google (maybe you’ve heard of them?) has just announced two new enhancements to the Google OpenID API. And it just so happens that Portland-based JanRain and their RPX solution have come to play a critical role in the announcement: they’re one of the first examples of the new features in use. Read More
Many of you know that in addition to serving as an OpenID proponent, a critical part of the Vidoop team, and a devout bacon—and bacn—geek, Scott Kveton has also served as the chair of the OpenID Foundation.
Today, the Foundation announced its new officers. And while Kveton has moved into the role of vice-chair, I’m happy to report that Brian Kissell of Portland-based JanRain has been elected chair of the organization.
It’s great to see Portland—the de facto hub of OpenID development—continuing to have a noted presence in the Foundation and its efforts.
In other news, a little company called PayPal—which is owned by another little company called eBay—became a sustaining member of the OpenID Foundation. But neither of them are from the Silicon Forest, so that’s secondary news.
I like to proffer that Portland, Oregon, is the hub of OpenID (whether it’s true or not). That’s why I love days like today that only add credence to my assertion.
Today, RWW Live—the podcast for ReadWriteWeb—will be focused on OpenID. As such, it will be pulling in a whole bunch of Portland connections to participate.
But just how much Portland-associated influence will there be on the show? Well, we’re lucky to have some of the heavy hitters from the world of OpenID—and Portland—in attendance. Brian Kissel of Portland-based JanRain, Scott Kveton of Portland-based Vidoop, Chris “@factoryjoe” Messina of Vidoop (who doesn’t live in Portland, but thankfully, travels up here on a regular basis), and David Recordon of Six Apart (who is originally from Portland). And, of course, Marshall Kirkpatrick, who heads up ReadWriteWeb content development, is a Portland resident, as well.
That’s a lot of Portland. And a lot of OpenID knowledge.
Today, the group will be discussing ideas for increasing adoption of OpenID, plans for the OpenID Foundation, and opinions on Google Friend Connect and Facebook Connect. If there’s a topic you’d like to propose, visit the RWW Live post to offer it as potential discussion point or throw it out in the chat room during the call.
Speaking of chat rooms… it would probably be wise to tell you how to participate:
The show will be broadcast LIVE at 3.30pm PST Monday (6.30pm EST). We invite you to tune in and interact with us via the chat, by clicking here. You can also use the Calliflower Facebook app to listen and participate.
Can’t make the show? No worries. RWW Live is a podcast, after all. You can always listen to the discussion by heading over to ReadWriteTalk, the archive of all ReadWriteWeb podcasts.
So whether you’re saying “Open wha…?”, a staunch OpenID proponent, or an OpenID opponent, it would be well worth your time to swing by the podcast and hear these knowledgeable folks talk about the future of managing your identity on the Web.
So where better to launch the latest version of the leading OpenID plugin for WordPress—wp-openid—than Portland?
Will Norris, the lead developer of the wp-openid plugin, happens to be in town this week. And, as such, he has just announced that he will be launching wp-openid 3.0 this Wednesday at Portland Web Innovators “Demolicious!“, the new hip spot to unveil cool new tools here in town.
What does wp-openid do?
This plugin allows verified OpenIDs to be linked to existing user accounts for use as an alternative means of authentication. Additionally, commenters may use their OpenID to assure their identity as the author of the comment and provide a framework for future OpenID-based services (reputation and trust, for example).
So, if you’re a WordPress type who’s been using OpenID or who is interested in deploying OpenID on your blog, make sure to attend Demolicious! on Wednesday night at NEMO Design. Even if you’re just OpenID curious, I’d highly encourage you to attend.
Plus, as always, there will be some other cool stuff being demoed there, as well.
Look. You’re in Portland. Arguably the de facto hub of OpenID. So it happens. The OpenID soapbox is literally right here. I can jump on it at practically any time.
So yes, I’m talking about OpenID, again.
But this time, I think even the staunchest critics will find the discussion interesting. Because it solves a very common complaint.
You see, once you get past initial objections surrounding OpenID and the “we should push the value, not the technology” discussion—once you get into actually trying to convince people to use OpenID as a form of credential for online services—one criticism tends to pop up time and time again…
Why is OpenID a url? Why can’t OpenID be an email address?
Why does this complaint come up so much? Because email passes the “mom ‘n’ pop” test. As in mom ‘n’ pop are growing increasingly comfortable with the idea of having an email address. They “get it.” And they’re far more comfortable managing that type of address than they are managing a url.
Long story short, email seems easier to grasp.
And we’ve been so conditioned to plug an email address into the “username” box, that it’s almost becoming second nature.
If only! If only someone, somewhere could put some of the leading minds together with some brilliant developers and get this thing figured out. I mean, maybe like Chris Messina and Will Norris. Maybe get Scott Kveton and Scott Blomquist in there. And that Michael Richardson is a pretty sharp developer.
I mean, if someone could manage to put a team like that together… I’m sorry. What? Really? Really? Vidoop? They all work for Vidoop? Oh. Well. That would probably explain this then….
The concept is simple. And congruent with current OpenID logins.
One box. One credential to enter. The basic difference being that you’re using an email address instead of url.
So how do you validate that you are who you say you are? Well, there are a couple of ways.
If you don’t have know that you already have an OpenID, you can just use your email address and Email to ID will create an OpenID association for you.
The first time you sign into a new site, Email to ID will send a validation code to that email account. (Much in the same way CAN-SPAM encourages people to confirm their membership on email lists.) Using the code, you can validate that the email address is, in fact, yours and that you are who you say you are.
If you’re already a typical OpenID user, you can associate your existing OpenID(s) and relying parties with an email address. This allows you to use the inherent security features of your relying party instead of having to check your inbox every time you want log into a new site.
Technically, what’s Email to ID doing?
Okay. I can see you geekily salivating over there. But I’m not going to try to explain it. Instead, I’ll let the people doing the work explain that:
Emailtoid is a simply a mapping service – we take a GET request to our mapper ( eg, http://emailtoid.net/mapper?email=jane@example.com ) and return an HTTP redirect (a 302) to an OpenID. If the email address is not in our system, we create an OpenID account for the user on the fly. The user logs into the OpenID account by verifying his or her email address through a one time URL or confirmation code sent to that email address. The RP (relying party, the site that originally sent the request) then has the user returned to it.
Get it? Good. Explain it to me sometime.
All I care about is that it works. And it does. Quite gracefully. And that is technology as it should be.
So is OpenID “mainstream” now?
I don’t know that making OpenID mainstream should even be a goal. But I do know that making services and technologies more useful to the general populous should.
“Basically, OpenID is great, it’s a wonderful technology, but it can be a bit confusing to the end users,” said Richardson, lead developer for Email to ID. “Users are already trained to use email as an identifier, so this bridges the gap between email and OpenID.
“Ideally, this service will go away as all top level domains will implement their own mapping. But until that time, we provide a way for sites to have people to use OpenID through their email address. The barrier of entry into OpenID is significantly lower.”
Conceptually, this service marks a huge step forward for “bending the OpenID technology to the needs of the common user.” And as such, it could definitely be one avenue for introducing a new way of logging-in to a wider group of people.
But, whether the term or concept “OpenID” needs to travel along with that form of credentialing is still a matter of debate.
To paraphrase something that Kveton, who in addition to efforts at Vidoop happens to chair of the OpenID Foundation, often says, “My mom doesn’t says she’s going to go establish an SMTP connection. She says she’s going to go check her email.” Or to put it another way, “Sell the sizzle, not the steak—or Gardenburger, as the case may be.”
Make no mistake, this is progress for OpenID and its potential. And progress very much in the right direction for a very fledgling technology with a number of benefits.
I, for one, feel that—with Email to ID—one of the major gripes against OpenID is now a thing of the past.
And that means, it’s time to attack the next one. What’s next?
The problem, though, is that the Big Four Internet companies that I mentioned above have made big press announcements about their support for OpenID, but haven’t done enough to actually implement it. Microsoft has done absolutely nothing, even though Bill Gates announced their support over a year ago. Google has limited its support to Blogger, where it is both an Issuing and Relying party. Yahoo and AOL are Issuing parties only.
This is a tenuous position at best. For as much ground as we can cover from a grassroots perspective, it’s going to be exceedingly difficult to get anyone—beyond early adopters—to take on OpenID without the support of some of these bigger entities.
Without the bigs, there is no OpenID tipping point.
But the funny thing—not funny “ha ha,” but funny “sad”—is that all of these gigantic companies are struggling with one very similar issue that would be partially—if not completely—solved by an effective implementation of OpenID: bringing acquisitions under a common login credential.
Yahoo! throws its acquirees’ respective user bases into turmoil every time it asks them to move over to a Yahoo! ID. Google takes years in its struggles to get everyone on the Google credential system. Microsoft and AOL are no different.
To me, it seems obvious that OpenID could solve this issue, now and for the foreseeable future. And I can’t be the only one seeing that.
As hard as it may be for them to accept it, the bigs need to move away from their proprietary credentialing structures. They need to embrace concepts like OpenID and OAuth for what they can do to solve their problems, today.
In short, they need to let go and let OpenID.
For now, the jury is still out on when and how the big company momentum will fall behind OpenID in terms of something more than spin and lip service. But let’s hope that day is soon approaching. For all of our sakes.
I can tell you one thing: from a grassroots level, Portland is sure to be leading the charge. And we’re not going to slowing our OpenID fandom anytime soon.
Portland-based JanRain—a company that started as an OpenID play and has since morphed into the way to simplify distributed Web logins across the board—announced that they had closed Series A financing to the tune $3.25 million. The round was led by DFJ Frontier. Especially considering this round has been rumored to be in the works since this summer.
