OpenID
Tuesday, February 28th, 2006
Have you heard about “OpenID”:http://openid.net/ ? I stumbled across it by accident but I get the inkling you will be hearing/seeing/reading more about it in the future.
OpenID is a distributed single sign on system. It’s to open source, as the “Passport” system is to Microsoft.
From a user perspective it works like so:
* You go to your point of authorization and login as you probably normally would (user/pass).
* You surf the web and comment on blogs by passing your ID, which is actually a URL, with your comment.
Pretty easy hey? Yeh, but here’s what may happen _in the background_ after you submit your comment.
# Server receives comment and ID.
# Server goes to URL (that is the ID).
# Server parses the head of the URL to find a link tag with attribute of rel=”openid.server” and a href attribute.
# Server forwards you to the href it just found which is your agency.
# Agency determines whether you are you. E.g. asking for user/pass, or verifying a previous cookie it set.
# Agency forwards you back to Server with yes/no response.
# Server accepts/rejects comment.
OK, not so simple. Fortunately there’s a stack of libraries that already handle this stuff for you. Huzah for open source.
There’s a bit more to the process so check out the “OpenID”:http://openid.net/ web site for further details.
The system actually has heaps going for it when you digest it. Any existing user/pass authenticated system can provide the user with an OpenID. Therefore the system does not face a chicken and egg problem, “merely” an adoption issue. OpenID was started by LiveJournal and they have “some”:http://www.lifewiki.net/openid/OpenIDServers “others”:http://www.lifewiki.net/openid/OpenIDConsumers following.
If we continue down this road, the Internet will change considerably.
Watch out, the world as you know it is changing.
