OpenID

Have you heard about "OpenID":http://openid.net/ ? I stumbled across it by accident but I get the inkling you will be hearing/seeing/reading more about it in the future. OpenID is a distributed single sign on system. It's to open source, as the "Passport" system is to Microsoft. From a user perspective it works like so: * You go to your point of authorization and login as you probably normally would (user/pass). * You surf the web and comment on blogs by passing your ID, which is actually a URL, with your comment. Pretty easy hey? Yeh, but here's what may happen _in the background_ after you submit your comment. # Server receives comment and ID. # Server goes to URL (that is the ID). # Server parses the head of the URL to find a link tag with attribute of rel="openid.server" and a href attribute. # Server forwards you to the href it just found which is your agency. # Agency determines whether you are you. E.g. asking for user/pass, or verifying a previous cookie it set. # Agency forwards you back to Server with yes/no response. # Server accepts/rejects comment. OK, not so simple. Fortunately there's a stack of libraries that already handle this stuff for you. Huzah for open source. There's a bit more to the process so check out the "OpenID":http://openid.net/ web site for further details. The system actually has heaps going for it when you digest it. Any existing user/pass authenticated system can provide the user with an OpenID. Therefore the system does not face a chicken and egg problem, "merely" an adoption issue. OpenID was started by LiveJournal and they have "some":http://www.lifewiki.net/openid/OpenIDServers "others":http://www.lifewiki.net/openid/OpenIDConsumers following. If we continue down this road, the Internet will change considerably. Watch out, the world as you know it is changing.