OpenID Goes to Washington

OpenID Sites & ProvidersToday we learned from RWW’s Marshal Kirkpatrick that the US federal government is considering the adoption of OpenID and other related open identity technologoies and practices for citizen identification on government websites.

This is big news for several reasons. First, by adopting OpenID, the governement would be putting the ownership and control of digital identity exactly where it should be: with the citizen. Second, a very large and conservative player—the US federal government—is taking OpenID seriously, which will do much to support OpenID’s continued adoption and evolution. Third, the government will work to establish criteria for OpenID provision that may help us all select credible and worthy identity providers. I’m sure there are more implications as well that will start to surface as government support for OpenID becomes better defined.

OIDF’s New Suit

Also today, we were able to learn more about this big news with the simultaneous launch of a newly redesigned OpenID Foundation (OIDF) website, a joint project with many collaborators including folks from Portland’s own Cloud Four, Janrain, and Richardson Consulting. as well as OIDF board members and executive director Don Thibeau.

The new OIDF website is a substantially improved on many different levels, from basic usability, to the breadth and depth of information it already delivers and promises to provide going forward. The new site design does a good job with the difficult task of meeting the different needs of diverse audiences, including the OpenID community, developers, government, and most importantly, individuals who are seeking to learn more about and start using OpenID.

Average users should find the site much more useful than the old one, and yet there is at least one area where I think it could be improved sooner rather than later. In a single page, the site tries to introduce users to the wide range of OpenID providers, including all the existing websites and services that provide de facto OpenIDs for their users. What this page does not do is give people a simple framework for thinking about how to choose an OpenID provider, or why to use one of their existing OpenIDs rather than establishing a new one. As it is, this page provides a richer version of what others have described as the NASCAR effect: a bunch of logos, without a lot of direction about why we might pick one over the other. I realize the OIDF must remain neutral about the different OpenID providers, but there is no better entity to provide uesrs with a guide to selecting and using an OpenID.

Speechifying the OIDF

I’m also especially happy to see a new interview with OIDF ED Don Thibeau by board member Chris Messina posted on the new site, which goes a long way to answering my earlier call for more information about what the OIDF has been up to since Don took the helm earlier this year.

And while I applaud the new site—it was obviously a lot of work, done well in a short time by some really dedicated people who will probably get less praise and credit than they deserve—I can’t shake the same nagging desire for a different paradigm of communication from the OIDF that prompted my earlier post. The new site could be the best design ever, but unless a new engine of communication stands behind it, it is likely to end up becoming little different than its predecessor, which lay mostly fallow for months.

Someone wiser than I explained that the OIDF will never become the communication engine I’m hoping for because of its nature as a standards setting body. That may well be the case, but it will be a significant failure in my eyes if the OIDF falls into that brittle mould. I believe the “open” in “OpenID” should fulfill its promise, leading us to remagine and rearticulate the OIDF’s purpose as something more than a machine to hash out standards for widget inputs and outputs. It is a key organization leading the way in the fundamental paradigm shift to a user-centric web. Now that the large beast of the US federal government is slouching toward the right goal, it is even more important that the OIDF become not just an open standards body, but an open standards bearer, alive, vibrant, leading the way.

Or do we have to form yet another open web organization to stimulate, educate, advocate for and communicate with the broadest communities who will benefit from these increasingly successful, open standards? I hope not. Aren’t we all getting spread a little thin as it is?

OpenID, wherefore art thou?

I’m a strong supporter of OpenID, the personal identity management technology that let’s you take charge of your own online identity, usernames, and passwords instead of farming yourself out willy-nilly to every site on the web. I don’t support OpenID for the technology itself—OpenID is just a collection of tools that are part of the machine that will enable something way more important: the user-centered, open web.

What’s the user-centered, open web? It’s the web you already know and love (and hate), made better with extra you, right at the center of it all. I could go on about its advantages for people, business, government and communities of all shapes and sizes, but others have done a much better job and I’m really trying to get to a different point here.

Lately I’ve started to worry a bit about OpenID. We’ve seen some recent promise realized to be sure, like Facebook’s progress toward adoption, logging in to Sears with OpenID, and local Portland OpenID pioneers Janrain hiring @peat. Progress like that balances the sad demise of Vidoop, Portland’s other OpenID darling, which I’ve commented on elsewhere.

Yet something else has been gnawing at me for a while. Back in February, 2009, the OpenID Foundation (OIDF) that coordinates and supports OpenID development and adoption hired a new Executive Director (ED), Don Thibeau. I don’t know Don and I’m sure he’s a fine and capable person, but I was expecting someone more, well, open, and webby. Don’s background didn’t seem to match OpenID’s open, webby provenance, community, or future.

At the time, I figured that maybe the OIDF board of directors picked Don specifically for his background in business and government to help legitimize OpenID with the businessy, government types that we need on board to support widespread adoption and to help build the OIDF into a sustainable organization. That strategy made a certain amount of sense to me. The OIDF ED should be able to garner the attention and respect of the more buttoned-down communities that have substantial power over the practices and technologies where we want OpenID to intervene AND be able to help the OIDF grow and prosper.

But it’s been almost half a year now and I have yet to hear anything from Don. I have not seen a single post to the OIDF mailing lists, nor any blog posts, or even mere website announcements or old-school press releases. Don, where are you? Even my simple inquiries about the apparently broken credit card payment process for OpenID membership have gone unanswered.

If the OIDF is immersed in ensuring its own sustainability and important behind-the-scenes evangelizing and deal-making, that’s great. But the open, webby community that has been evangelizing, building and adopting OpenID heretofore and meanwhile needs to know what is going on. The ED reports to the OIDF board, but the position’s real constituency is the broader OpenID community. Inform us, involve us, respect us. If deep, sustained, open community engagement isn’t possible as the primary function of the OIDF, then something is seriously broken.

I want to stress that I’m not leveling any personal criticism at Don himself. I imagine he’s very busy with work that benefits the OIDF and OpenID. In fact, I have so little information about Don and what he’s doing that there’s really nothing to laud or criticize, and that’s exactly my point. Open up, often, as your first impulse, and make community engagement your first priority.

The Fall of Vidoop

Chris Messina just posted a long, thoughtful and informative blog on the rise and fall of his erstwhile employer, local Portland identity provider Vidoop.

For those of us in the Portland tech community who welcomed Vidoop, saw our friends and colleagues go to work for them, and—in my case at least—starting using their OpenID provider service myVidoop—the whole series of events is mostly sad. I truly liked everyone I met from Vidoop and really appreciated their work and contributions to our community, like their hosting of the CyborgCamp 2009 pre-party.

I strongly agree with Chris that the fall of Vidoop can not be read as a failure of OpenID or other open web technologies, standards, or practices.

It is in fact the strength of OpenID that I was able to switch my OpenID delegation to our other local Portland identity provider, Janrain’s MyOpenID, in a matter of minutes and have no interruption in my identity services. What happened with Vidoop proves the value of controlling my own identity via OpenID and merely using providers and other services as I need them.

Vidoop: I’m truly sorry. For those of you who needed to learn lessons, I hope you did. For all the Vidoopers and their customers, I hope what happens next is a good thing.

For OpenID: I’m with you even more than before.