By Chris Maxcer LinuxInsider Part of the ECT News Network
01/17/08 3:42 PM PT
"I liken OpenID to RSS -- if you ask a casual user of the Internet what RSS is, they will probably shrug their shoulders," Scott Kveton, chairman of the OpenID Foundation board, told LinuxInsider. "However, RSS is used in many, many popular applications. I think OpenID will take the same path and we'll start to see applications that take advantage of what it means to be an OpenID."
eMarketer Whitepaper: Optimizing the E-Commerce Experience
From the Web to the Contact Center, are you prepared to proactively engage and keep your savvy customers? Read how e-commerce leaders are optimizing their sites with ratings, reviews, live help, Web analytics, mobile and more.
Yahoo (Nasdaq: YHOO), with its 248 million active registered users worldwide, has announced that all of them will be able to use their Yahoo IDs as an OpenID to let them eliminate separate IDs and logins at Web sites that support the open, decentralized digital identity framework.
"What Yahoo has announced today is the ability for people with accounts on Yahoo and Flickr to use those accounts via OpenID to login to nearly 10,000 different services around the Web," David Recordon, open platforms tech lead of Six Apart and vice chair of the OpenID Foundation, told LinuxInsider.
"This is beneficial as it means that a Yahoo user going to comment on a blog, join a community, or sign up for a new service does not have to create a new username and password, but rather can use their OpenID from Yahoo," he explained.
Yahoo's initial OpenID service will be available in public beta on Jan. 30, and it will enable a seamless and transparent Web experience by letting users use their custom OpenID identifier on my.yahoo.com or to simply type in "www.yahoo.com" or "www.flickr.com" on any site that supports OpenID 2.0. Alternatively, Web sites that accept OpenID 2.0 will be able to add a simple "Sign-in with Your Yahoo ID" button to their login pages that will make it even easier for their users.
Huge Coup for OpenID
"I see Yahoo as being an extremely important catalyst in mainstream adoption of OpenID," Recordon noted. "In a single announcement, they've added nearly a quarter-billion new OpenIDs to the entire ecosystem. In just two weeks, this has already been a great year for OpenID with Yahoo joining AOL, Apple (Nasdaq: AAPL), Google, Microsoft (Nasdaq: MSFT), VeriSign (Nasdaq: VRSN) and others in their support of OpenID."
The Yahoo announcement effectively triples the number of people who are able to use OpenID, and the OpenID movement is clearly hopeful that Yahoo's support will help spur adoption.
One-Way Back Scratching
Yahoo's support, however, only goes one direction. "If Yahoo decides to accept OpenID on their own properties, it would allow the other 150-plus million people with OpenIDs to login and use Yahoo services without having to directly create a new Yahoo identity if they didn't want to," Recordon explained.
So who are those 150 million OpenID users?
"Most of today's users are definitely tech-savvy," Scott Kveton, chairman of the OpenID Foundation board, told LinuxInsider. "I liken OpenID to RSS -- if you ask a casual user of the Internet what RSS is, they will probably shrug their shoulders.
"However, RSS is used in many, many popular applications," he added. "I think OpenID will take the same path and we'll start to see applications that take advantage of what it means to be an OpenID; I've proved I own this specific, unique end-point for myself on the Internet. What I land there -- services or otherwise -- will be what really propel OpenID's growth and adoption."
Yahoo's implementation is based on the OpenID 2.0 specification. Yahoo worked closely with the OpenID Foundation and community to finalize the specification in December 2007. The specification includes new features that improve security and usability of OpenID, making it the most user-friendly single sign-on and online user-authentication standard, Yahoo said. Yahoo's users who log in with their Yahoo ID on OpenID sites will have the added protection of Yahoo's sign-in seal wherever they go on the Web. No e-mail or IM addresses are revealed or disclosed as part of the login process, Yahoo noted, which further helps protect users from phishing or other attacks.
All Eggs in One Basket?
Critics of OpenID contend that users are essentially putting all of their access details in a single basket -- if the basket were ever compromised, so to speak, nefarious individuals could gain access to everything inside the basket.
"The balance between convenience and security is always going to be an issue," Stephen O'Grady, RedMonk industry analyst, told LinuxInsider. "OpenID certainly has its issues, but then so too does the challenge of remembering multiple passwords for different sites and accounts. While in theory it would be more secure to use different, unique, strong passwords for different venues, in practice most people use one simple one throughout."
If users use a single, robust authentication system, it's not only convenient, it may also be stronger than many weak login methods, he noted.
I'll Show You My Mobile Linux Platform if You Show Me Yours January 09, 2008
Is Google simply being benevolent and disrupting the status quo? Not likely. If its goal was simply to encourage open source mobile application development, why didn't it just join LiMo or LiPS or some other mobile Linux consortium? Why did it have to start its own? Now here comes Yahoo, and before you know it, everyone who's anyone has a mobile SDK, and now you've got a crowded and confused field.
Related Stories
Russian Firm Plays Web 2.0 Roulette With LiveJournal Buy December 03, 2007
Six Apart may be best served by devoting its resources -- it has received nearly $30 million in venture capital to date -- toward its business blogging tools, given the expected growth in that area, said Forrester Research analyst Charlene Li. "Corporations are starting to adopt Web 2.0 tools and they want solid technology that can be integrated into their existing networks," she told the E-Commerce Times.
Meeting SOA and Web Services Security Challenges, Part 2 August 31, 2007
"SOA compounds the security decision because many moving parts, as in modular programs, come together as the final application. IT and security staffs need to closely coordinate at the beginning of an SOA project in order to determine the appropriate mitigation of confidentiality, integrity and availability," CipherOptics vice president of product management Scott Palmquist said.
Related News Alerts
More by Chris Maxcer
The Gphone That Could Catch My Eye November 20, 2009
Rumors are cropping up that Google is preparing to sell its own Gphone -- an Android handset using Google-branded hardware. There are some reasons to doubt it will happen, of course, but the possibility is intriguing. What would Google have to build to make something worthy of an iPhone fan's attention?
Apple's House Rules Won't Be the Death of App Development November 13, 2009
Facebook's iPhone app is one of the most popular wares the App Store has ever carried. But its developer, Joe Hewitt, says he's through with it, stating that Apple's review policies are starting a bad precedent for other platforms. However, good apps from talented developers will always find platforms, and Apple's policies won't prevent that from happening. They may even help.
Let's Give the iPhone Hackers a Big Round of Applause November 06, 2009
It's safe to say most Apple customers are satisfied living in the walled-off ecosystem that the company has created for products like the iPhone. Still, it's good to know that it is possible -- and relatively easy, even -- to bust through those walls if one should ever want to. The work of iPhone hackers is appreciated even by those who've never felt the jailbreak itch.
Headline Feeds
Talkback: 
