The Potential of OpenID, why we’re not there yet, and why Videntity is close.

Posted by Alex

June 4, 2007

I recently fell in love with OpenID. Or at least, what I believe OpenID could _someday be_. The essential idea, decentralized identity management- Being constantly signed in to all your services at once, being able to sign up for new services on the fly without keeping track of yet another username/password, and most important of all, biggest of all… Being able to take your reputation with you. Being able to to say, “Yes, I’m that guy from that service. No, I’m not just ripping off his username and pretending.” Being defined by something you take with you. I mean, crap, man! That’s amazing!

Or, it would be. I think, soon, it will be. But there are two major hurdles that need to be addressed before OpenID is free to fulfill its potential and change the way we use the internet. And I really mean that. Not in that AJAX way where “change the way we use the internet” meant we could finally stop hitting the refresh button. That was awesome. But that just changed the way we use our _browser_. I’m talking the internet.

ANYWAY: The two things that need amending.

* Sites need to step up and become consumers, not just providers.

* They need to understand the potential of decentralized

It seems like there are more OpenID providers out there than consumers. I think I have 4 at this point. “ClaimID”:http://www.claimid.com gave me one when I signed up for their service, whereas “Livejournal”:http://www.livejournal.com and “AOL”:http://www.aol.com simultaneously decided, “You can use us as your universal identity!”. ClaimID is the only one of the lot that’s a consumer. They’re the weirdest one. You sign up with an OpenID, get your account, and they GIVE you an OpenID. The openid I actually use is hosted “elsewhere”:http://www.myopenid.com and proxied through so I can use this site as my ID. But I can’t use it to login to the aol website. I can’t use it to login to my livejournal account and make posts (though I can set it up as a seperate identity to leave comments). Someday, I’d like to be able to write my posts in livejournal (or, WordPress, which thusfar has the same attitude on being a “consumer”. Etc.

The other major thing. This decentralized identity system, as awesome as it is… has so far been used primarily in a bunch of centralized services. Think how awesome it would be to create a decentralized social network. Have a list of people you know, and how you know them, attached to your OpenID. Then when you register for facebook, or myspace, or Vox, or Orkut, you login with your OpenID. And the service goes to that page, scans for your friend network, spiders a little to make sure the relationship is mutual, and BAM- All the friends who use that service are automatically added as your friends. Of course, some small degree of centralization is required. Myspace, for instance, would have to store how much you trust these people, to determine if they can view your private blog posts, whatever. But by and large, your network exists outside, and the service imports it. Possible. VERY possible. Not yet implemented. “Videntity”:http://www.videntity.org is one service that’s come close. They let you store your relationships with people WITH THEM. And that’s after you sign up for an account. Will they accept OpenID? No. But they’ll give you one.

But that goes against the _style_ of OpenID. You’re supposed to be able to store it where you want. Provide it yourself, or backend the technical side away. If Videntity were to adopt a more “WordPress” attitude towards the whole thing… You know, “Host it yourself. If that’s over your head, we’ll take care of it for ya.”, that would be a vast improvement. If Videntity let you log in to their service with someone else’s OpenID and didn’t try to make you use theirs- Another improvement. If their social network system (which you point out from the inside, but not in from the outside) could interact with other servers according to some api or protocol (Perhaps something more decentralized… But where, were would we find a decentralized authentication system?)… Than that would be perfect. That, that I would use.

If I’m wrong on any of this (As is often the case), please assault me in the comments below. Especially if you know of any services out there which utterly disprove my arguments. I really wouldn’t mind being wrong, here:P

Cheers,

-Alex

Geekery