Seems like everyone is trying to incorporate game mechanics into their applications and offerings. Or, as we used to call them, “frequent flyer programs” or “loyalty programs.” Granted, there’s more than that to game mechanics, but that’s a big part of it.
The message carried some very interesting tidbits about future OpenID developments with Google. Sachs recommended using Portland-based JanRain’s RPX solution for OpenID.
When a company like Google recommends using Portland-based JanRain for OpenID implementations that that just lends credence to my argument, doesn’t it?
thanks to the efforts of Portland-based JanRain, even the good old brick and mortar companies like KMart and Sears are jumping on the OpenID bandwagon.
Google (maybe you’ve heard of them?) has just announced two new enhancements to the Google OpenID API. And it just so happens that Portland-based JanRain and their RPX solution have come to play a critical role in the announcement: they’re one of the first examples of the new features in use. Read More
Many of you know that in addition to serving as an OpenID proponent, a critical part of the Vidoop team, and a devout bacon—and bacn—geek, Scott Kveton has also served as the chair of the OpenID Foundation.
Today, the Foundation announced its new officers. And while Kveton has moved into the role of vice-chair, I’m happy to report that Brian Kissell of Portland-based JanRain has been elected chair of the organization.
It’s great to see Portland—the de facto hub of OpenID development—continuing to have a noted presence in the Foundation and its efforts.
In other news, a little company called PayPal—which is owned by another little company called eBay—became a sustaining member of the OpenID Foundation. But neither of them are from the Silicon Forest, so that’s secondary news.
I like to proffer that Portland, Oregon, is the hub of OpenID (whether it’s true or not). That’s why I love days like today that only add credence to my assertion.
Today, RWW Live—the podcast for ReadWriteWeb—will be focused on OpenID. As such, it will be pulling in a whole bunch of Portland connections to participate.
But just how much Portland-associated influence will there be on the show? Well, we’re lucky to have some of the heavy hitters from the world of OpenID—and Portland—in attendance. Brian Kissel of Portland-based JanRain, Scott Kveton of Portland-based Vidoop, Chris “@factoryjoe” Messina of Vidoop (who doesn’t live in Portland, but thankfully, travels up here on a regular basis), and David Recordon of Six Apart (who is originally from Portland). And, of course, Marshall Kirkpatrick, who heads up ReadWriteWeb content development, is a Portland resident, as well.
That’s a lot of Portland. And a lot of OpenID knowledge.
Today, the group will be discussing ideas for increasing adoption of OpenID, plans for the OpenID Foundation, and opinions on Google Friend Connect and Facebook Connect. If there’s a topic you’d like to propose, visit the RWW Live post to offer it as potential discussion point or throw it out in the chat room during the call.
Speaking of chat rooms… it would probably be wise to tell you how to participate:
The show will be broadcast LIVE at 3.30pm PST Monday (6.30pm EST). We invite you to tune in and interact with us via the chat, by clicking here. You can also use the Calliflower Facebook app to listen and participate.
Can’t make the show? No worries. RWW Live is a podcast, after all. You can always listen to the discussion by heading over to ReadWriteTalk, the archive of all ReadWriteWeb podcasts.
So whether you’re saying “Open wha…?”, a staunch OpenID proponent, or an OpenID opponent, it would be well worth your time to swing by the podcast and hear these knowledgeable folks talk about the future of managing your identity on the Web.
In June, that little software company to the north of us, Microsoft, made news by allowing OpenID logins to its Microsoft Health Vault product.
Problem was—as TechCrunch noted—only two OpenID relying parties were allowed to play:
Over 16 months after first declaring its support for the OpenID authentication platform, Microsoft has finally implemented it for the first time, allowing for OpenID logins on its Health Vault medical site. Unfortunately, Health Vault will only support authentication from two OpenID providers: Trustbearer and Verisign. Whatever happened to the Open in OpenID?
But now, Microsoft has decided to increase the number of relying parties by 50%. To three.
So who was the lucky relying party who made it through the door? Portland-based JanRain‘s myOpenID.
A number of folks—me among them—are surprised it’s taken Microsoft this long to add another relying party. And it seems like the list is still missing a few other obvious and highly secure choices.
But myOpenID is a great place to start:
JanRain’s myOpenID service, the first and most popular independent OpenID service on the Internet, provides consumers with a free, fully featured, reliable, and secure solution for managing their personal online identity. Every myOpenID user receives several choices for secure authentication beyond password. These enhanced security options include: Microsoft InfoCard, Client Certificate, or Phone-based two factor authentication.
For more information on the personal health record service, visit Microsoft Health Vault. For more on JanRain and its OpenID solutions, visit JanRain or myOpenID.
So where better to launch the latest version of the leading OpenID plugin for WordPress—wp-openid—than Portland?
Will Norris, the lead developer of the wp-openid plugin, happens to be in town this week. And, as such, he has just announced that he will be launching wp-openid 3.0 this Wednesday at Portland Web Innovators “Demolicious!“, the new hip spot to unveil cool new tools here in town.
What does wp-openid do?
This plugin allows verified OpenIDs to be linked to existing user accounts for use as an alternative means of authentication. Additionally, commenters may use their OpenID to assure their identity as the author of the comment and provide a framework for future OpenID-based services (reputation and trust, for example).
So, if you’re a WordPress type who’s been using OpenID or who is interested in deploying OpenID on your blog, make sure to attend Demolicious! on Wednesday night at NEMO Design. Even if you’re just OpenID curious, I’d highly encourage you to attend.
Plus, as always, there will be some other cool stuff being demoed there, as well.
Look. You’re in Portland. Arguably the de facto hub of OpenID. So it happens. The OpenID soapbox is literally right here. I can jump on it at practically any time.
So yes, I’m talking about OpenID, again.
But this time, I think even the staunchest critics will find the discussion interesting. Because it solves a very common complaint.
You see, once you get past initial objections surrounding OpenID and the “we should push the value, not the technology” discussion—once you get into actually trying to convince people to use OpenID as a form of credential for online services—one criticism tends to pop up time and time again…
Why is OpenID a url? Why can’t OpenID be an email address?
Why does this complaint come up so much? Because email passes the “mom ‘n’ pop” test. As in mom ‘n’ pop are growing increasingly comfortable with the idea of having an email address. They “get it.” And they’re far more comfortable managing that type of address than they are managing a url.
Long story short, email seems easier to grasp.
And we’ve been so conditioned to plug an email address into the “username” box, that it’s almost becoming second nature.
If only! If only someone, somewhere could put some of the leading minds together with some brilliant developers and get this thing figured out. I mean, maybe like Chris Messina and Will Norris. Maybe get Scott Kveton and Scott Blomquist in there. And that Michael Richardson is a pretty sharp developer.
I mean, if someone could manage to put a team like that together… I’m sorry. What? Really? Really? Vidoop? They all work for Vidoop? Oh. Well. That would probably explain this then….
The concept is simple. And congruent with current OpenID logins.
One box. One credential to enter. The basic difference being that you’re using an email address instead of url.
So how do you validate that you are who you say you are? Well, there are a couple of ways.
If you don’t have know that you already have an OpenID, you can just use your email address and Email to ID will create an OpenID association for you.
The first time you sign into a new site, Email to ID will send a validation code to that email account. (Much in the same way CAN-SPAM encourages people to confirm their membership on email lists.) Using the code, you can validate that the email address is, in fact, yours and that you are who you say you are.
If you’re already a typical OpenID user, you can associate your existing OpenID(s) and relying parties with an email address. This allows you to use the inherent security features of your relying party instead of having to check your inbox every time you want log into a new site.
Technically, what’s Email to ID doing?
Okay. I can see you geekily salivating over there. But I’m not going to try to explain it. Instead, I’ll let the people doing the work explain that:
Emailtoid is a simply a mapping service – we take a GET request to our mapper ( eg, http://emailtoid.net/mapper?email=jane@example.com ) and return an HTTP redirect (a 302) to an OpenID. If the email address is not in our system, we create an OpenID account for the user on the fly. The user logs into the OpenID account by verifying his or her email address through a one time URL or confirmation code sent to that email address. The RP (relying party, the site that originally sent the request) then has the user returned to it.
Get it? Good. Explain it to me sometime.
All I care about is that it works. And it does. Quite gracefully. And that is technology as it should be.
So is OpenID “mainstream” now?
I don’t know that making OpenID mainstream should even be a goal. But I do know that making services and technologies more useful to the general populous should.
“Basically, OpenID is great, it’s a wonderful technology, but it can be a bit confusing to the end users,” said Richardson, lead developer for Email to ID. “Users are already trained to use email as an identifier, so this bridges the gap between email and OpenID.
“Ideally, this service will go away as all top level domains will implement their own mapping. But until that time, we provide a way for sites to have people to use OpenID through their email address. The barrier of entry into OpenID is significantly lower.”
Conceptually, this service marks a huge step forward for “bending the OpenID technology to the needs of the common user.” And as such, it could definitely be one avenue for introducing a new way of logging-in to a wider group of people.
But, whether the term or concept “OpenID” needs to travel along with that form of credentialing is still a matter of debate.
To paraphrase something that Kveton, who in addition to efforts at Vidoop happens to chair of the OpenID Foundation, often says, “My mom doesn’t says she’s going to go establish an SMTP connection. She says she’s going to go check her email.” Or to put it another way, “Sell the sizzle, not the steak—or Gardenburger, as the case may be.”
Make no mistake, this is progress for OpenID and its potential. And progress very much in the right direction for a very fledgling technology with a number of benefits.
I, for one, feel that—with Email to ID—one of the major gripes against OpenID is now a thing of the past.
And that means, it’s time to attack the next one. What’s next?
