For the past few years, Facebook has been flirting with the possibility of supporting the OpenID log-in standard, which calls itself "an open, decentralized, free framework for user-centric digital identity" without actually building support for it.
Now, the massive social network--once famous for its ultra-walled-garden approach to data and user experience--announced Monday that it has become an OpenID "relying party," which basically means that it's started, at last, to deploy support for the standard. Facebook joined the OpenID Foundation in February, even though many considered its Facebook Connect log-in standard to be a proprietary competitor.
But, Monday's announcement indicated, Facebook believes the two can work in tandem.
"We've always let our users express their real world connections," a post on the Facebook blog read. "From the beginning, Facebook users could use their college and workplace identities to establish real world networks. Now, they can use open standards to establish their identities on Facebook."
Most notably, you can now register for a Facebook account with your Gmail account, or can link an existing Facebook account with Gmail or other OpenID-participating services if they support automatic log-in.
"We've always believed that making the user experience as secure, lightweight, and intuitive as possible, which 200 million people can comfortably enjoy and understand, is one of our top priorities," the blog post read. That could be a subtle nod to the fact that OpenID, founded in 2005, has historically been a bit difficult for the non-tech-savvy to comprehend.
Facebook's blog post also said that security concerns have been an issue. In working with the OpenID community, "we shared our experience developing Facebook Connect, where we eventually came up with a design that ensures that users would know that they were providing their login credentials to Facebook, and not some unscrupulous site."
The plus side? Facebook's tests have indicated that if new users can register with an existing Web service account, like Gmail, that they are more likely to stick around.
Facebook has joined the board of the OpenID Foundation and will host an OpenID Design Summit later this month, according to a post on the social network's developer blog.
This is a bit of a surprise because Facebook has developed its own universal log-in standard, Facebook Connect, which theoretically competes with the nonprofit OpenID standard. It should be noted that Facebook has not yet announced any official plans to make the two compatible, and that just joining the board and hosting an event might not quell the criticism from open-source advocates who say Facebook is still too proprietary in its nature.
Engineer Luke Shepard will be Facebook's representative on the OpenID Foundation board, a corresponding post on the OpenID blog explained, adding that Shepard has been "a huge internal advocate for OpenID" at Facebook. The board also consists of members from Google, IBM, Microsoft, PayPal, VeriSign, and Yahoo as well as seven elected "community" members. Many of the corporate board members joined about a year ago; OpenID creator Brad Fitzpatrick is now employed by Google and has helped to build its OpenSocial developer platform standard.
"Given the popularity and positive user experience of Facebook Connect, we look forward to Facebook working within the community to improve OpenID's usability and reach," the post by David Recordon and Chris Messina read.
Facebook's blog post, written by engineering VP Mike Schroepfer, expressed similar goals. "It is our hope that we can take the success of Facebook Connect and work together with the community to build easy-to-use, safe, open and secure distributed identity frameworks for use across the Web," Schroepfer wrote.
Facebook made a significant portion of its developer platform code open-source last summer.
With all the buzz about Facebook Connect this week, it's worth asking the question: Whatever happened to OpenID?
The universal log-in standard was created in 2005 by Brad Fitzpatrick, founder of LiveJournal, while he was working at blog software company Six Apart. (Fitzpatrick now works at Google; Six Apart has since sold LiveJournal.) It has the support of Yahoo, MySpace (which just helped build an OpenID extension for the Flock browser), and President-elect Barack Obama's Change.gov. Even Google has dipped its proverbial toe in the pool.
But it wasn't until Facebook Connect started making headlines that the concept of data portability--a single log-in across multiple sites--made the jump from the tech press to the mainstream media. OpenID, some speculated, had been left behind in the dust.
Hardly. But Wired's Michael Calore hit the nail on the head on Monday: "Presenting a dialog that asks a user to log in to one Web site using a name and password from another Web site is jarring, but Facebook has managed to keep Facebook Connect simple enough for everyday users to understand. Such ease of use virtually guarantees it will win support quickly."
The truth is, the future of the "social Web" is in expansion. And expansion invariably involves dealing with a crowd beyond the Twittering, FriendFeeding, WordPressing geeks who actually understand the concept behind data portability.
And that's not made any easier by the fact that OpenID calls itself "an open, decentralized, free framework for user-centric digital identity." Try bringing that up in the boardroom of a non-tech company looking to ride the social-networking wave. Then tell them that the most buzzed-about social network on the planet will power your site's social features. The decision will probably fall in the Facebook camp, unfortunately for the open-standards crowd and its admirable dedication to all things balanced and democratic.
"Nobody should own this. Nobody's planning on making any money from this," Fitzpatrick has said about OpenID. "The goal is to release every part of this under the most liberal licenses possible, so there's no money or licensing or registering required to play. It benefits the community as a whole if something like this exists, and we're all a part of the community."
But your average company is probably going to care more about profit margins than OpenID's decentralized ideal, and the possibility of having its user activity broadcast across Facebook members' news feeds is tantalizing. Especially during tough financial times, strategy will likely trump idealism.
That said, there are some good signs for OpenID. It has a ton of support in the tech world, and if Facebook Connect's impending expansion goes awry for any reason--think Beacon--it could open up a whole new set of doors for OpenID. What it (and other open Web standards) needs either way is some image repair.
"Facebook is trying to replace all log-ins with their own, and control the creation, distribution, and application of the social graph using their proprietary platform," Chris Saad, whose DataPortability Workgroup has put its support behind OpenID and other open Web standards, wrote in a blog post. "The most scary part of this, is that while Facebook is quietly and methodically building out this vision with massive partners, the standards community is busy squabbling about naming the open alternative."
OpenID and its brethren could use a good, simplified marketing pitch, not to mention some announcements and partnerships that are more prominent than an extension for a niche Web browser. They need to use the resources that the likes of MySpace and Yahoo can provide to get more deals going and start making headlines outside of ReadWriteWeb and TechCrunch.
And most importantly, in a recession, "it's good for the Web, so it's good for everyone" just isn't concrete enough. One last tip for OpenID: Start talking business benefits.
There's a new OpenID extension for "social browser" Flock, and it was created with the help of password management service Vidoop and News Corp.-owned social network MySpace.
It's now available for download for all Flock users who have upgraded to Flock 2.0. For MySpace, which initially announced its support for OpenID back in July, this is also a push for Data Availability, a universal-login project that the social network announced in May but has since only rolled out with a few partners.
Yahoo, one of MySpace's launch partners for Data Availability, has also thrown its weight behind OpenID.
"As three companies dedicated to empowering users to easily share content and experiences, this was a very rewarding--and relatively fast--collaboration," Max Engel, MySpace's Data Availability product manager, said in a release. "Our goal was to eliminate some of the work involved in jumping between social experiences on the Web so that people can focus on their connections and the incredible content that's out there. This Flock extension will give millions of people an easier way to expand their experiences and expression without boundaries."
The OpenID Flock extension allows for easier credential management within the browser and makes it more apparent when a site will accept an OpenID login. A handful of OpenID extensions already exist for the open-source Flock, but this one's got the seal of approval from some big names.
There are deeper reasons for MySpace being so vocal about OpenID support, though. The standard has seen its toughest rival yet in the form of Facebook Connect, a data-portability project which enjoyed a high-profile New York Times writeup this week and will reportedly be ready for a full debut very soon. (It's already been implemented on a number of sites.)
Flock, unfortunately, isn't an enormous player in the browser space. It has tons of bells and whistles, but is still well behind the likes of Internet Explorer and Firefox in terms of downloads, and has newfound competition from Google's Chrome.
Regardless, MySpace has been paying a lot of lip service to open standards recently, and it's always good to see real developments.
Online-productivity suite Zoho announced on Wednesday that it now accepts Google and Yahoo logins. An executive from Zoho parent company AdventNet announced last month that Google login compatibility was on the way.
"For Google and Yahoo users who are curious about Zoho but don't want to set up another account, we've removed that hurdle," Zoho 'evangelist' Raju Vegsna said in a release Wednesday. "Users don't have to create a Zoho account to use Zoho applications. We want to make it as easy as possible for everyone to try our online apps."
In addition to accepting Google and Yahoo logins for new Zoho accounts, the site also allows existing members to synchronize with their Google or Yahoo accounts.
This required collaboration with both Google and Yahoo--interesting, because Google operates Google Docs, a bigger rival to Zoho. But it's just the latest data portability announcement to emerge in the past few months, what with Yahoo supporting the OpenID standard and teaming up with MySpace.com on its Data Availability project, as well as Google launching its Friend Connect initiative.
If the OpenID Foundation were a liquor cabinet, it just got stocked with some Grey Goose, Rhum Clement, and Gran Patron.
The foundation, which is pushing for a universal Internet login standard, announced on Thursday that representatives from Google, Microsoft, Yahoo, IBM, and VeriSign have become its first corporate board members. They join existing board members Scott Kveton (Vidoop), David Recordon (Six Apart), Dick Hardt (Sxip Identity), Martin Atkins (independent), Artur Bergman (Wikia), Johannes Ernst (NetMesh), Drummond Reed (Parity Communications), and executive director Bill Washburn.
Several major technology companies, including Yahoo, had already voiced support for the standard.
OpenID started as a grassroots initiative to handle an increasingly complex Internet rife with user accounts, logins, and passwords galore, and some skeptics thought that it couldn't possibly earn the approval of tech's biggest players. But its creators have gone on to build serious Web credibility, which has undoubtedly helped the standard move from an experimental geek project toward industrywide adoption.
Founder Brad Fitzpatrick, who developed the standard in 2005 while working at Six Apart, is now an engineer at Google and has been a key component of its OpenSocial developer initiative.
"Google shares the OpenID Foundation's vision of a Web that's easy to use and built on open standards available to everyone," Fitzpatrick said in a statement from the OpenID Foundation. "OpenID was always intended to be a decentralized sign-on system, so it's fantastic (for Google) to join a foundation committed to keeping it free and unencumbered by proprietary extensions."
The representatives from the OpenID Foundation's new corporate board members are Dewitt Clinton (Google), Tony Nadalin (IBM), Michael B. Jones (Microsoft), Gary Krall (VeriSign), and Shreyas Doshi (Yahoo).
In one of the most significant moves yet in the growing push toward service interoperability on the Web, tech giant Yahoo announced Thursday that it is supporting the OpenID 2.0 standard for a universal Internet log-in.
No matter what your views of Yahoo's current stability may be, this is undoubtedly a big victory for OpenID. Not so long ago, the protocol was considered a dot-com/futurist pipe dream. OpenID was created by Web 2.0 guru Brad Fitzpatrick, who founded LiveJournal and was brought on board at Google last year as one of the most prominent players in its OpenSocial developer initiative.
OpenID is designed to facilitate single log-ins for multiple unaffiliated Web sites. Gradually, large sites like AOL and Plaxo have begun supporting the standard, but it remains a tool for the Web's early-adopter set rather than the online community at large.
But recently, fueled by debate over social-networking interoperability, universal standards have been one of the most buzzed-about subjects in Web 2.0.
Yahoo, which counts its registered users at 248 million worldwide, says that supporting OpenID will mean that OpenID-compatible accounts are available to a total of 368 million Web users. When Yahoo's support of OpenID goes live, starting with a public beta launch on January 30, this will mean that a Yahoo ID can be consolidated into an OpenID account that will be valid at all partner sites.
On the flip side, sites that accept OpenID will have the option of displaying a "Sign in with your Yahoo ID" button.
As more major Web players start to sign onto OpenID--and more casual Internet users start using the standard--there will inevitably be security concerns raised. Since OpenID has no central repository for identity management, users can choose which sites they trust with their OpenIDs. But that doesn't mean they're going to always make the right decisions. Sometime in the not-so-distant future, an incident or two will likely surface that will call into question just what universal standards mean for privacy and personal security on the Web.
This is an area to watch.
- prev
- 1
- next
