OpenID, Trust, Vendor Locking and Delegation

February 22, 2007

There is a lot going on about OpenID these days and a lot of claims are being raised which prevents greater adoption of OpenID by users.

One of these claims is about Trust and Vendor Locking. How can I trust a certain OpenID vendor? after all, gaining access to my OpenID account will give access to all of the sites I’ve signed in/up using OpenID.

This is a legitimate claim, since it reminds everyone of how Microsoft Passport.NET Live ID is not that successful being a one vendor, non transferable identity.

One of the key elements of OpenID is that it’s decentralized and there is no one body that controls it but if a user signed up to a certain OpenID vendor they are essentially locked into that vendor unless they have the proper skills or items that allows them to perform delegation.

Having delegation is exactly the thing to make all of these claims go away since delegation give the power back to the user. The underlying OpenID vendor will supply the service but everything MUST go through the user’s domain to get to the vendor, thus allow the user to change vendors without being locked in.

The problem with delegation, however, is that it requires a certain amount of preparation. You either need to have your own site/blog and add the necessary <head> tags or you need to use a service like FreeYourID.com (I’ve previously written about it here) which gives you a URL composed out of your name (using the .name domain).

The problem with the solution of FreeYourID.com is that its only one .name vendor that provides this service. Although they are responsible for the whole .name TLD it is still a sort of vendor locking. If all .name providers will support such a service, things will look much better.

To sum things up, a possible answer for the claims about OpenID, Trust and Vendor Locking is to simply highlight the benefits of delegation and provide all of the necessary technical means needed to make this as easy as possible.

Below is a list of a couple of ideas I thought about (some are more of a wishful thinking since it doesn’t depend on the OpenID community alone) which might make things easier for everyone:

  • Support for OpenID for .name domains available with all the .name providers
  • Built-in support for Delegation in blogging platforms including hosted ones such as WordPress.com, Blogger, TypePad and the rest (for WordPress blogs that you are on your own server/domain you can use my OpenID Delegation plugin :-) )
  • Support for migrating existing accounts in existing sites to an OpenID account, thus allowing users to consolidate their various accounts on various sites into an OpenID account.
  • Support for migration of accounts between OpenID vendors including support in the OpenID spec to figure out a permanent redirection and perform a necessary fix up (similar to a permanent redirection performed in HTTP).

Technology is suppose to make things easier for everyone and lower the barrier of participation so that everyone, regardless of their skills, can use technology for their benefit. Let’s lower the participation barrier for OpenID and let everyone claim their own identity.

Be Sociable, Share!

tags: , , ,
posted in OpenID by Eran Sandler

Follow comments via the RSS Feed | Leave a comment | Trackback URL

  • http://eran.sandler.co.il Eran

    Andrew, I usually approve comments, so if they are not appearing straight away that’s OK. Your first comment did not vanish, it was pending approval. I’ve approved both of them (just in case you added something additional in the second one).

    Regarding your problem, it is not true you need your own domain.

    The problem in some cases is that if you register to a site that supports OpenID and also act as a Provider (provides you OpenID like Zooomr) as opposed to just being a Consumer (like this blog) you might be in a problem here and that’s something that most users don’t really mind.

    Your URL is in Zooomr not MyOpenID so if MyOpenID go broke (and I doubt they will any time soon) Zooomr may simply select to change their underlying OpenID provider (which in this case is MyOpenID) so I’m guessing here, there won’t be a problem with that. Of course, taking it to Zooomr would be the best place to get a complete and true answer.

    If you register to an OpenID provider such as MyOpenID (or any other for that matter) prior to joining sites such as Zooomr and you use delegation with your blog, you won’t have a problem.

    Perhaps you can talk with Zooomr and ask them to re-associate your account with a different OpenID. That way you’ll be able to switch to your own domain.

    Regarding multiple OpenIDs, have you seen Jyte (http://www.jyte.com), they let you associate as many OpenID as you have with your account. Perhaps you can convince Zooomr to do the same…

  • Pingback: OpenID Vendor Lock-In (sort of) | Another blog bites the dust

  • http://eran.sandler.co.il Eran

    Andrew, if you’ve seen my new post “OpenID Vendor Lock-In (sort of)” you’d see that this is exactly what I’m talking about.

    Regarding Zooomr, I’ll update in the post that they don’t actually use MyOpenID through their affiliates program (thanks for that information).

  • Anonymous

    Should you select the right colours and also trims you can instantaneously enhance and update the look off any kind of place at home. Condominiums, apartments, and custom-designed homes are typical in a position to attain style and also basic type along with just an addition of some well decided on top molding. After you have accomplished installing the actual custom millwork then you can finish it using new furnishings, floor coverings and also color. These kind of basic steps can change your own home from boring to beautiful before your eyes.http://www.ptdoors.co.il

Switch to our mobile site

 
Powered by Wordpress and MySQL. Theme by Shlomi Noach, openark.org