$this->articleCE->primaryUrlById(3726771) = /security/article.php/3726771/OpenID+Gets+Star+Power.htm
OpenID Gets Star Power - InternetNews.
RealTime IT News

OpenID Gets Star Power

The mission to build a common login for all sites across the Internet has taken one giant step forward. Five, actually.

The OpenID Foundation announced today that Microsoft, Google, Yahoo, IBM and VeriSign would become its first corporate board members.

"This really puts, very strongly and clearly, an important first piece of the puzzle in place," said Bill Washburn, executive director of the OpenID Foundation.

Washburn told InternetNews.com that Web entrepreneurs and site operators have increasingly acknowledged the need for a trusted universal identifier that site visitors can use to access all their favorite Internet destinations.

Though a number of initiatives have emerged to provide common logins, most notably Microsoft's Passport, "none has taken hold," Washburn said.

Possibly until now. Today's announcement could provide OpenID with the momentum it needs to win support from other companies that have so far stayed on the sidelines, supporters say.

OpenID began as a grassroots movement in 2005. While it can now boast the support of more than 10,000 Web sites, phishing and other security concerns have hindered adoption.

Doubters have also been skeptical that enough sites would ever accept it to fulfill OpenID's promise of becoming a universal identifier.

Last June, OpenID's early community members formed the foundation to give the effort legal and organizational support. Several large companies also began making more serious overtures to the movement, including some that today joined its board.

Of the companies now joining the board, Yahoo has perhaps been the most vocal proponent of OpenID. Last month, the portal giant announced its full support of OpenID 2.0, making it the largest issuer of OpenID logins.

Security concerns have prevented Yahoo from becoming a relying party, however, meaning that the portal giant does not accept OpenID logins issued by other sites.

The involvement of IBM, and especially VeriSign, should address the security concerns of the OpenID movement, Washburn said.

VeriSign also has a long partnership with OpenID, said Nico Popp, the company's vice president of innovation. Popp told InternetNews.com that in the future, a top priority will be to ensure that the standards and protocol of OpenID remain open.

"We will definitely be very active supporting the mission of the foundation," he said. "The core mission is to protect the intellectual property," he added, citing the success of open security protocols SSL and DNS.

Combining the brain trusts behind VeriSign Identity Provider and IBM's Tivoli identity management software should go a long way to secure OpenID while ensuring that the protocols remain open, supporters said.

IBM makes for a natural partner for OpenID, because of its historic embrace of open protocols in enterprise, said Tony Nadalin, an IBM distinguished engineer and the chief security architect of Tivoli.

Nadalin said IBM had been working actively to promote a common identifier among enterprise applications, and saw in OpenID the opportunity to expand into the public Web.

"Our goal is to better enable the Web technology along with the enterprise technology as far as identity management is concerned," Nadalin told InternetNews.com.

As far as Microsoft and Google go, OpenID might actually give them something to agree on. Microsoft has expressed support for OpenID for a year, and Google has already deployed the standard on its Blogger property, both issuing OpenID logins and accepting those from other sites.

That Google has taken the first tentative step to becoming a relying party is significant for Washburn, and he hopes that more Google-owned sites will begin accepting externally issued OpenID logins -- and encouraging its proliferation.

"The expectation is that it will become pervasive," he said.

Washburn said that although the foundation will continue recruiting companies of all sizes to support the OpenID standard, it is not likely to add any more board members. The foundation is also clear that board members serve in an advisory capacity, but do not make decisions about how the OpenID standard and the community around it develop.

He also said he hopes a few specific online communities will enter the OpenID fold.

"I personally would love to see Craigslist getting serious about identity," he said, adding quickly that he is a big fan of the site. "Ninety-nine percent of the people are honest," he said, but clearing out those who aren't with identity authentication could improve the community.

He would also welcome the major social networks to follow Plaxo's lead in joining up with OpenID. However, he noted that those companies are still young, and it often takes time for sites to warm up to ideas like OpenID.

"We would just jump at the chance for them to become part of this," Washburn said. "It would clearly be something that the young users on the Net would be able to run with."