OpenID Foundation – Google, IBM, Microsoft, VeriSign and Yahoo

I am very happy to be able to say that Google, IBM, Microsoft, VeriSign and Yahoo are joining the OpenID Foundation (on whose board I sit.) It marks the end of a lot of hard work by all parties involved, as well as — at least for me personally — the hope that we will be able to get a decentralized federated single sign-on technology across the internet.

My experience from co-authoring djabberd, as well as working on systems with large amount of end users, has taught me the value of decentralized federation. Just as I have multiple different jabber ids or email address for different contexts, I also want to have different identities that I can use in different contexts across multiple sites.

From the beginning I was captivated by the promises of this system, and at Six Apart I worked to make sure it was available for widespread adoption. I would like to especially thank David Recordon for convincing me, and others to continue, and his tireless evangelization, which got him a 2007 Google-O’Reilly Open Source Award. It is fitting that he is now back at Six Apart.

I am very grateful to the entire OpenID Community, the rest of the Foundation board and supporting companies who have taken it this far in a little over two and a half years.

Brad Fitzpatrick created OpenID to solve the problem of people commenting between different installations of LiveJournal. Using a URL-based identity for blog commenting made perfect sense, as the identity you are commenting with is your blog. However, the URL-based identity does confuse people, and so at the Social Graph Foo Camp, Brad et al came up with a proposal to map email addresses to OpenID URLs. Perhaps the idea of just using your email address to login will be easier to understand.

Another area where we see innovation enabled is that OpenID does not specify how you authenticate to your OpenID provider. We have seen examples of this innovation including putting OpenID in cellphones, connecting it with the Estonian National ID card, older standards like Kerberos, new desktop authentication technologies, one-time-password tokens, and even new markets being formed around phishing resistant web authentication.

This kind of layered extensibility is why I find the design of OpenID so important, as I’ve written before. It is an enabling technology. The basic implementation allows exploration and I am looking forward to see what people can use it for.

Again, thanks all of you who made it happen.