Over the past 2 months, I've been evaluating technologies to support flexible work arrangements such as working from home. I've tried MSN messaging, Yahoo IM, AOL AIM, Second Life, Wikis, Blogs, Facebook and Webex. Each one of these sites required me to establish a new user account. To be honest, I cannot remember which username and password is used with which site. OpenID is the cool technology of the week that can help solve this mess by creating "single sign on" across many vendor products.
The idea is simple - a web site serves as a trusted site for OpenID credentials. Other websites then trust this site, using it to authenticate users via simple well known internet standards ((URI, HTTP, SSL, Diffie-Hellman). By using OpenID, websites such as AOL, Technorati, Blogger, and Plaxo make it easy to signup and login, empowering users with one credential for all their instant messaging, blogging and social networking needs. The complete directory of all internet applications which support open ID is here. It's estimated that there are over 160-million OpenID users with nearly ten-thousand sites supporting OpenID logins.
There are caveats. Anyone can sign up to be a source of OpenIDs, so an unsuspecting user may sign up for credentials on an inscrutable site. Once their OpenID credentials are known, they could be used to by a hacker to break into banking or other sites not specifically OpenID enabled, since most users tend to reuse similar credentials at every site they access. There is no concept of certifying an OpenID provider or running a criminal record information check on folks who operate OpenID sites.
That being said, the OpenID, is certainly useful for those sites where security and identity pose little risk such as social networking and informational web sites. Also, OpenID could be very useful for intranets, where the provider of the OpenID is the institution itself and users then use OpenID to access applications running within the institution. In my next revision of the Harvard portal called eCommons, I will support OpenID as a means of linking together all the various domain credentials used in the Harvard environment.
In my opinion, the internet will eventually move to the concept of federated trust for authentication such as OpenID. OpenID will become even more powerful and useful when there is a credentialing mechanism to certify providers are trustworthy.
No comments:
Post a Comment