Products

Solutions

Resources

Partners

Community

About

New Community Website

Ordinarily, you'd be at the right spot, but we've recently launched a brand new community website... For the community, by the community.

Yay... Take Me to the Community!

The Community Blog is a personal opinion of community members and by no means the official standpoint of DNN Corp or DNN Platform. This is a place to express personal thoughts about DNNPlatform, the community and its ecosystem. Do you have useful information that you would like to share with the DNN Community in a featured article or blog? If so, please contact .

The use of the Community Blog is covered by our Community Blog Guidelines - please read before commenting or posting.


OpenID – Can you feel the love?

Republished from blog.TheAccidentalGeek.comIHeartOpenID

It seems that everyone is jumping on the OpenID bandwagon - kinda.  First came WordPress.  Then Yahoo, AOL, Microsoft and now Google.  It seems that all the major internet players now officially support OpenID in one fashion or another.  In almost every case, the major players have really just stuck their toe in the water by becoming OpenID providers.  This means that your accounts on all of these services have now become valid OpenID tokens.  This is great news but it is not enough.

For most users, getting an OpenID account has never been a problem.  Anyone who wanted to use OpenID could easily have signed up with MyOpenID, MyID, ClaimID, Verisign or many other OpenID providers.  The real challenge for most users has been finding a site that accepts OpenID.  The list (also another one here) of sites that accepts OpenID is growing.  However, if you peruse those lists you will notice something missing.  Namely, what you won’t find is WordPress, or Yahoo, or AOL or Microsoft or Google on the list of sites accepting OpenID.

John Timner on ArsTechnica refers to this as the Balkanization of OpenID.  Each of these major players wants to be seen as being open and playing nice, but they have not really left their walled gardens.  They all want to own you and your identity.  It is much easier for Google to convince you to use Gmail instead of Hotmail if you already have a Google account, or to try out Picasa instead of Flickr. 

Google is probably the worst offender in this group.  Beyond just becoming an OpenID provider, Google has actually forked the OpenID standard.  With Microsoft, Yahoo, AOL, WordPress and the other major providers, I can take their OpenID token and use it to login to ANY OpenID enabled website.  All I need is my custom URL provided by the OpenID provider and I am good to go. 

Google has decided that they can “improve” on the standard and now want sites to just accept your Google email address as the OpenID token.  The site would then have to know a special Google URL and use that to determine the final authentication endpoint for the user.  While this approach makes it easier for users to remember their token, it ensures that almost no site on the web will support using your Google id to authenticate with.  Those that do support it will have to “hardcode” the special Google URL into their applications.  As any programmer will tell you – hard coding values is seldom a good thing.  Imagine if every vendor followed Google’s approach.  I would need to hard code URLs for every OpenID provider that existed, and would need to constantly update my application every time some new OpenID provider was created.  Clearly this does not scale.  For a company that claims to “do no evil”, this looks pretty malevolent.

Hopefully, these vendors are working on becoming on OpenID relying parties.  That is, that they will open up their sites to allow anyone with an OpenID to login.  Given the history of these companies and the value of retaining ownership of these customers, I don’t see them changing anytime soon.

So, what does all this mean for you?  It means that if you have a WordPress, Yahoo, AOL, Microsoft, or Google (kinda) account that you can take advantage of a growing number of sites and platforms that accept OpenID.  Many bloggers like Scott Hanselman   and Jon Galloway  have OpenID enabled their blogs as well as their blogging platforms (DasBlog and SubText respectively).  Some popular sites like StackOverflow only accept OpenID and have no other authentication method. You will also find support for OpenID built into your favorite web platforms like DotNetNuke (seriously did you think that I would get through this whole post without mentioning that DotNetNuke has supported OpenID for over the past year?).  So I encourage you to give OpenID a try.  Heck, if you have been on the web for more than a day then you already have an OpenID account.  And while you are busy getting comfortable with OpenID provide a gentle reminder to the AOL, Microsoft, Google and Yahoos of the world to FULLY support OpenID.

Comments

Comment Form

Only registered users may post comments.

NewsArchives


Aderson Oliveira (22)
Alec Whittington (11)
Alessandra Daniels (3)
Alex Shirley (10)
Andrew Hoefling (3)
Andrew Nurse (30)
Andy Tryba (1)
Anthony Glenwright (5)
Antonio Chagoury (28)
Ash Prasad (37)
Ben Schmidt (1)
Benjamin Hermann (25)
Benoit Sarton (9)
Beth Firebaugh (12)
Bill Walker (36)
Bob Kruger (5)
Bogdan Litescu (1)
Brian Dukes (2)
Brice Snow (1)
Bruce Chapman (20)
Bryan Andrews (1)
cathal connolly (55)
Charles Nurse (163)
Chris Hammond (213)
Chris Paterra (55)
Clint Patterson (108)
Cuong Dang (21)
Daniel Bartholomew (2)
Daniel Mettler (181)
Daniel Valadas (48)
Dave Buckner (2)
David Poindexter (12)
David Rodriguez (3)
Dennis Shiao (1)
Doug Howell (11)
Erik van Ballegoij (30)
Ernst Peter Tamminga (80)
Francisco Perez Andres (17)
Geoff Barlow (12)
George Alatrash (12)
Gifford Watkins (3)
Gilles Le Pigocher (3)
Ian Robinson (7)
Israel Martinez (17)
Jan Blomquist (2)
Jan Jonas (3)
Jaspreet Bhatia (1)
Jenni Merrifield (6)
Joe Brinkman (274)
John Mitchell (1)
Jon Henning (14)
Jonathan Sheely (4)
Jordan Coopersmith (1)
Joseph Craig (2)
Kan Ma (1)
Keivan Beigi (3)
Kelly Ford (4)
Ken Grierson (10)
Kevin Schreiner (6)
Leigh Pointer (31)
Lorraine Young (60)
Malik Khan (1)
Matt Rutledge (2)
Matthias Schlomann (16)
Mauricio Márquez (5)
Michael Doxsey (7)
Michael Tobisch (3)
Michael Washington (202)
Miguel Gatmaytan (3)
Mike Horton (19)
Mitchel Sellers (40)
Nathan Rover (3)
Navin V Nagiah (14)
Néstor Sánchez (31)
Nik Kalyani (14)
Oliver Hine (1)
Patricio F. Salinas (1)
Patrick Ryan (1)
Peter Donker (54)
Philip Beadle (135)
Philipp Becker (4)
Richard Dumas (22)
Robert J Collins (5)
Roger Selwyn (8)
Ruben Lopez (1)
Ryan Martinez (1)
Sacha Trauwaen (1)
Salar Golestanian (4)
Sanjay Mehrotra (9)
Scott McCulloch (1)
Scott Schlesier (11)
Scott Wilkinson (3)
Scott Willhite (97)
Sebastian Leupold (80)
Shaun Walker (237)
Shawn Mehaffie (17)
Stefan Cullmann (12)
Stefan Kamphuis (12)
Steve Fabian (31)
Steven Fisher (1)
Tony Henrich (3)
Torsten Weggen (3)
Tycho de Waard (4)
Vicenç Masanas (27)
Vincent Nguyen (3)
Vitaly Kozadayev (6)
Will Morgenweck (40)
Will Strohl (180)
William Severance (5)
What is Liquid Content?
Find Out
What is Liquid Content?
Find Out
What is Liquid Content?
Find Out