Archive for the Work Category

Next Entries »
Feb 19 2007

openID = login magic

Posted by: andrew in Uncategorized, Work, Cool thing of the day

.:10% cool technology…90% magic dust:.

‘OpenID is an open, decentralized, free framework for user-centric digital identity’ (openID.net)

what does that really translate into? it’s a standard by which you’ll be able to create one profile/identity for yourself on the web and then login to multiple sites that support it. so instead of creating a standalone profile for myspace, zooomr, garageband.com and wikipedia, all of which you have profile options to setup, you’ll create one and aim them all at it. after playing around with it, i’m a believer. and while a site has to specifically support it, i feel like this is a no-brainer standard that will pick up adaptation over this year.

let’s have a quick little history lesson on openID, now shall we? mmmhmmm…

familiar with livejournal? the guy that created it, brad fitzpatrick is the guy you should tip your hat to. a lot of other people/businesses have tried to file for trademarks…a lot of bible-style ‘buddy begat that, and he begat her, and she begat that…etc.’ stuff happened, over the past couple of years…but mr. fitzpatrick was your main playa’. you can read more details here. the three main things that you need to know are that:

1. the protocol being used to standardize openID 2.0 is called ‘yadis
2. further development is being spearheaded by openID.net
3. this is not something that people are trying to make money from

if you went to openid.net, you’d see this statement:

“Nobody should own this. Nobody’s planning on making any money from this. The goal is to release every part of this under the most liberal licenses possible, so there’s no money or licensing or registering required to play. it benefits the community as a whole if something like this exists, and we’re all a part of the community.”

yet another reason why the idea of open source development is so fantastic, as it is a complete reflection of the general mentality for the web.

.:how does it work?:.

first off, you should know that AOL and Yahoo! have already picked this thing up; i just don’t think a lot of people know about it yet. so, if you have an AOL account, you would set up your profile. then you could go to livejournal.com and signup for an account using openid.aol.com/username. you’d fill out a couple of other things, but that’s it . now each time you go to use livejournal, you login like you did above. if you have a Yahoo! account, you set everything up through idproxy.net. so if you’re worried about the credibility of openID being a ’standard’, i don’t think you should be.

another way you could do it would be setting up your own web server to do this. it’s a relatively simple thing to do, but to be honest with you, i haven’t had any luck with it using the one PHP script i found. i know that it’s probably an easy setting i’m missing, but i don’t claim to be any kind of developer-type, and so i opened up door #3…

…which means that i went to a place called myopenid.com and signed up for an account there. there are a couple of others, but i chose this one because it’s an extremely simple site and gets directly to the point of giving you what you want. they even give you a nice directory of all of the places where you can actually use it too.

once you sign up here, you create a persona…or multiple personas, should you happen to have multiple login names and profiles. once you’ve done that, you’re ready to go. all of your profile information is set on their server, and so now you can go to zooomr.com and login using ‘username.myopenid.com’. simple.

now, i went ahead and took this one step further. again, this doesn’t mean that i’m any kind of genius; anybody can do this. you just have to read a little more. i went ahead and bought my .name domain (i.e. geonetta.name). i then aimed that domain at http://www.geochurn.com. then, i took a piece of code that looks like this:

<link rel="openid.server" href="http://www.myopenid.com/server" />
<link rel="openid.delegate" href="http://youraccount.myopenid.com/” />
<meta http-equiv=”X-XRDS-Location” content=”http://youraccount.myopenid.com/xrds” />

…and put it in the header information of my blog. and…because my web hosting provider allows me to setup and use sub-domains, i went ahead and created andrew.geonetta.name. i also aimed that at geochurn.com.

what did all of that do? the same zooomr.com scenario above plays out except instead of signing in with username.myopenID.com, i can sign in using geochurn.com, geonetta.name or even andrew.geonetta.name. the login hits my site, sees the header information that i plugged in and redirects to check the myopenid.com information and i’m ready to go.

if you’d like a more detailed explanation of how this all works, go here and scroll down to the ‘how openID works’ part.

.:catch? what catch?:.

what’s the catch? the answer is really TBD at this point, as this is a fledgling idea that is just starting to catch on and is still being rounded out as far as standardization is concerned. so right now, there really isn’t so much of a catch as a general identity concern.

first, this isn’t necessarily technology that is being considered for all situations where you’re having to login to something. for example, you couldn’t (and probably wouldn’t want) to login to your credit card or your bank account using this…for now. that’s not to say that there isn’t any future development for this. i could see a company like verisign perhaps tweaking this to become something more secure so that you could potentially use it for credit card account management or things like that.

but in either case, accountability is something that doesn’t seem to be top of mind for anyone. since this is opensource and ‘decentralized’, what happens when, say, myopenid.com has a little leak? well, since i chose them to host my information, it’s nobody’s fault but my own if something bad were to happen. and i guess ‘bad’ is relative…depending on what i have going on at the sites that i have profiles that use openID to verify my identity. right now, these are relatively harmless sites; places where people aren’t really going to be able to do much damage or harm in my opinion.

right now, we don’t know what openID providers will give you good, reliable service. and going to the whole ‘future development’ thing, what happens when i sign up for an openID at provider A, but my bank doesn’t trust provider A as a reliable provider. while there isn’t anything to say that i couldn’t move my info. to another openID provider relatively easily, it’s still an inconvenience. and it still doesn’t solve the overall problem, because now provider B that i just moved my stuff to might not be considered reliable by yet another service that i have.

finally, what is to stop providers from selling any of my information to other services…e-mail list distributors, junk mail, etc? i see this being a problem with service providers that are more prominent…like verisign, for example. they could make a good chunk of cash by selling off that information. we as consumers will need to be very careful when reading the fine print on what providers can and can’t do with our information.

.:the end:.

in the end, openID is a great thing; however, as i stated previously, it’s still in a standardization phase. there is a lot of development that needs to be done, and so if you’re an early adapter, you should be aware that things could change very quickly. i will once again state that since using it, i really like it. as a matter of fact, it’s hard to even think about creating another stupid user profile again the same way, as the convenience factor here is mind boggling.

stay tuned for more development on openID…

No Comments »

Next Entries »

      Subscribe to me NOW