Comments on: Hurricanes, Flags, and OpenID

By: Alec

Alec — Fri, 16 Mar 2007 13:32:02 +0000

Got it. The difference, of course, being that an OpenID should be transportable from one provider to another — Yahoo to Google, for instance, if they both supported it.

By: Aswath

Aswath — Fri, 16 Mar 2007 01:57:44 +0000

I don’t think it is theoretical at all and there is nothing special about OpenID, except the willingness to allow others to freely use the authentication engine (which is built into OpenID and that is the special aspect of OpenID). Take the example of Google and Yahoo. Both have their own single sign-on mechanism, but Yahoo is much more permissive about others using their engine than is Google (according to the designer of idproxy.net). That means, you and I can decide to use Yahoo engine. So the issue is not whether Yahoo allows others’ id; the point is that Yahoo allows others to use their engine. As I said, that is exactly what an OpenID provider guarantees and that is why OpenID is great, in my opinion.

By: Alec

Alec — Thu, 15 Mar 2007 21:58:38 +0000

Aswath, I think the theory and the practice are different. Theoretically, a P2P identity system will operate as you state. However, if we have every large player issuing ID’s, and not accepting the ID’s of the other players… well, then we’re no better off than now, are we?

By: Aswath

Aswath — Wed, 14 Mar 2007 18:15:48 +0000

If the intelligence has moved to the end and applications can indeed be run at the end, I am not concerned that big players are not really consuming OpenID. OpenID is a great boon for true “peer-to-peer” (no disguised intermediaries like Skype) applications for it is far easier and effective to maintain whitelists. In other words, the applications running at the end are the consumers of OpenID. Nick talks about Mexican wave. Since a core group is needed to start the wave and then on, it can sustain itself.