Earlier this month Jan Miksovsky described OpenID from the perspective of a typical user and how horribly confusing and unnecessary it seems upon initial introduction. It has made the rounds on the identity blogs as an insightful, eye opening critique and has received some interesting responses. I wanted to add my own perspective on what OpenID means to me. I think Jan is absolutely right on and found myself nearly laughing at how painfully silly OpenID must seem to most people. The problem is OpenID is not ultimately about Single Sign-On (SSO) even though that seems to be the way most developers view it.
Everything on the web is a resource. The URL allows you to locate and interact with that resource. As the web has grown these resources have become a little smarter and more aware of each other which leads to the current trend today where it’s all about mashups and sharing functionality across different web resources. Post a YouTube video to your friends
MySpace, add a Flickr stream to your Netvibes portal, add a Digg link to each of your blog posts, create a custom Google Maps application or Yahoo Pipe which pulls together two or more third party resources.
The only problem with this ecosystem of web services is that the end user bounces around it mostly invisible. We can have meaningful conversations about the services but we can’t have meaningful conversations about the user. OpenID flips the current focus of the web and says, “It’s not about the services I use. It’s about me.” Instantly users are transformed into
resources themselves and we are able to interact with the user within the context of the greater ecosystem, we can add functionality to the user, we can ask multiple web services about a user and create a mashup of data that provides a deeper insight and meaning about the user. The possibilities are huge. Web services can adopt a data rejection model and focus on being good at just one thing without much regard to exactly who the user is.
As great as I am making all this sound it just isn’t a reality today and most people surrounding OpenID don’t really care too much about all this “other stuff” that OpenID makes possible. There are specs in the works among the various proponents of OpenID but it is far from a reality. The attribute exchange is useful but timid. I think instead it is going to require web developers who otherwise don’t care about OpenID but view it as a requirement to the kind of service they are attempting to produce. OpenID will never be a success until there is something more useful than SSO that requires OpenID to work.
