Seems like everyone is trying to incorporate game mechanics into their applications and offerings. Or, as we used to call them, “frequent flyer programs” or “loyalty programs.” Granted, there’s more than that to game mechanics, but that’s a big part of it.
But just how much Portland-associated influence will there be on the show? Well, we’re lucky to have some of the heavy hitters from the world of OpenID—and Portland—in attendance. Brian Kissel of Portland-based JanRain, Scott Kveton of Portland-based Vidoop, Chris “@factoryjoe” Messina of Vidoop (who doesn’t live in Portland, but thankfully, travels up here on a regular basis), and David Recordon of Six Apart (who is originally from Portland). And, of course, Marshall Kirkpatrick, who heads up ReadWriteWeb content development, is a Portland resident, as well.
That’s a lot of Portland. And a lot of OpenID knowledge.
Today, the group will be discussing ideas for increasing adoption of OpenID, plans for the OpenID Foundation, and opinions on Google Friend Connect and Facebook Connect. If there’s a topic you’d like to propose, visit the RWW Live post to offer it as potential discussion point or throw it out in the chat room during the call.
Speaking of chat rooms… it would probably be wise to tell you how to participate:
The show will be broadcast LIVE at 3.30pm PST Monday (6.30pm EST). We invite you to tune in and interact with us via the chat, by clicking here. You can also use the Calliflower Facebook app to listen and participate.
Can’t make the show? No worries. RWW Live is a podcast, after all. You can always listen to the discussion by heading over to ReadWriteTalk, the archive of all ReadWriteWeb podcasts.
So whether you’re saying “Open wha…?”, a staunch OpenID proponent, or an OpenID opponent, it would be well worth your time to swing by the podcast and hear these knowledgeable folks talk about the future of managing your identity on the Web.
Over 16 months after first declaring its support for the OpenID authentication platform, Microsoft has finally implemented it for the first time, allowing for OpenID logins on its Health Vault medical site. Unfortunately, Health Vault will only support authentication from two OpenID providers: Trustbearer and Verisign. Whatever happened to the Open in OpenID?
But now, Microsoft has decided to increase the number of relying parties by 50%. To three.
So who was the lucky relying party who made it through the door? Portland-based JanRain‘s myOpenID.
A number of folks—me among them—are surprised it’s taken Microsoft this long to add another relying party. And it seems like the list is still missing a few other obvious and highly secure choices.
But myOpenID is a great place to start:
JanRain’s myOpenID service, the first and most popular independent OpenID service on the Internet, provides consumers with a free, fully featured, reliable, and secure solution for managing their personal online identity. Every myOpenID user receives several choices for secure authentication beyond password. These enhanced security options include: Microsoft InfoCard, Client Certificate, or Phone-based two factor authentication.
So where better to launch the latest version of the leading OpenID plugin for WordPress—wp-openid—than Portland?
Will Norris, the lead developer of the wp-openid plugin, happens to be in town this week. And, as such, he has just announced that he will be launching wp-openid 3.0 this Wednesday at Portland Web Innovators “Demolicious!“, the new hip spot to unveil cool new tools here in town.
What does wp-openid do?
This plugin allows verified OpenIDs to be linked to existing user accounts for use as an alternative means of authentication. Additionally, commenters may use their OpenID to assure their identity as the author of the comment and provide a framework for future OpenID-based services (reputation and trust, for example).
So, if you’re a WordPress type who’s been using OpenID or who is interested in deploying OpenID on your blog, make sure to attend Demolicious! on Wednesday night at NEMO Design. Even if you’re just OpenID curious, I’d highly encourage you to attend.
Plus, as always, there will be some other cool stuff being demoed there, as well.
Look. You’re in Portland. Arguably the de facto hub of OpenID. So it happens. The OpenID soapbox is literally right here. I can jump on it at practically any time.
So yes, I’m talking about OpenID, again.
But this time, I think even the staunchest critics will find the discussion interesting. Because it solves a very common complaint.
You see, once you get past initial objections surrounding OpenID and the “we should push the value, not the technology” discussion—once you get into actually trying to convince people to use OpenID as a form of credential for online services—one criticism tends to pop up time and time again…
Why is OpenID a url? Why can’t OpenID be an email address?
Why does this complaint come up so much? Because email passes the “mom ‘n’ pop” test. As in mom ‘n’ pop are growing increasingly comfortable with the idea of having an email address. They “get it.” And they’re far more comfortable managing that type of address than they are managing a url.
Long story short, email seems easier to grasp.
And we’ve been so conditioned to plug an email address into the “username” box, that it’s almost becoming second nature.
The concept is simple. And congruent with current OpenID logins.
One box. One credential to enter. The basic difference being that you’re using an email address instead of url.
So how do you validate that you are who you say you are? Well, there are a couple of ways.
If you don’t have know that you already have an OpenID, you can just use your email address and Email to ID will create an OpenID association for you.
The first time you sign into a new site, Email to ID will send a validation code to that email account. (Much in the same way CAN-SPAM encourages people to confirm their membership on email lists.) Using the code, you can validate that the email address is, in fact, yours and that you are who you say you are.
If you’re already a typical OpenID user, you can associate your existing OpenID(s) and relying parties with an email address. This allows you to use the inherent security features of your relying party instead of having to check your inbox every time you want log into a new site.
Technically, what’s Email to ID doing?
Okay. I can see you geekily salivating over there. But I’m not going to try to explain it. Instead, I’ll let the people doing the work explain that:
Emailtoid is a simply a mapping service – we take a GET request to our mapper ( eg, http://email@example.com ) and return an HTTP redirect (a 302) to an OpenID. If the email address is not in our system, we create an OpenID account for the user on the fly. The user logs into the OpenID account by verifying his or her email address through a one time URL or confirmation code sent to that email address. The RP (relying party, the site that originally sent the request) then has the user returned to it.
Get it? Good. Explain it to me sometime.
All I care about is that it works. And it does. Quite gracefully. And that is technology as it should be.
So is OpenID “mainstream” now?
I don’t know that making OpenID mainstream should even be a goal. But I do know that making services and technologies more useful to the general populous should.
“Basically, OpenID is great, it’s a wonderful technology, but it can be a bit confusing to the end users,” said Richardson, lead developer for Email to ID. “Users are already trained to use email as an identifier, so this bridges the gap between email and OpenID.
“Ideally, this service will go away as all top level domains will implement their own mapping. But until that time, we provide a way for sites to have people to use OpenID through their email address. The barrier of entry into OpenID is significantly lower.”
Conceptually, this service marks a huge step forward for “bending the OpenID technology to the needs of the common user.” And as such, it could definitely be one avenue for introducing a new way of logging-in to a wider group of people.
But, whether the term or concept “OpenID” needs to travel along with that form of credentialing is still a matter of debate.
To paraphrase something that Kveton, who in addition to efforts at Vidoop happens to chair of the OpenID Foundation, often says, “My mom doesn’t says she’s going to go establish an SMTP connection. She says she’s going to go check her email.” Or to put it another way, “Sell the sizzle, not the steak—or Gardenburger, as the case may be.”
Make no mistake, this is progress for OpenID and its potential. And progress very much in the right direction for a very fledgling technology with a number of benefits.
I, for one, feel that—with Email to ID—one of the major gripes against OpenID is now a thing of the past.
And that means, it’s time to attack the next one. What’s next?