Free Software Linux

The OpenID Foundation is pleased to share that OpenID Japan has launched with 32 members including merchants, portals, educational institutions, insurance companies, manufacturing companies, airlines, and banks. This announcement is significant for several reasons:

This is a historic week for OpenID. Google and Microsoft announced the release of code to support OpenID 2.0 across their most important properties. On Monday, Microsoft, announced OpenID 2.0 support for their 460 million users on the LiveID platform. On Wednesday Google said it will be supporting OpenID 2.0 for any user that has a Google account. Both of these deployments are great news for the OpenID community and the Internet at large. It can be safely said that within the coming months, every single user on the Internet will have an OpenID.

OpenID has gotten a big lift this week with two big announcements coming from two very different camps. First, Microsoft has announced that Windows Live will officially support OpenID for login and that users will be able to log into any OpenID site with their LiveID account. Second, Google has announced that it will also be a provider of OpenIDs.

This is turning out to be quite a good week for OpenID, an increasingly popular mechanism for creating and managing a single identity across the Internet. On Monday, Microsoft announced that it would give every Windows Live user an OpenID account, and today, Google announced a very similar plan.

Beginning today, Windows Live ID is publicly committing to support the OpenID digital identity framework with the announcement of the public availability of a Community Technology Preview (CTP) of the Windows Live ID OpenID Provider.

A couple of weeks ago the BBC hosted twenty-six people from seventeen organizations including eight OpenID Providers and eight OpenID Relying Parties (sites which accept OpenID logins) in New York City to kick off an OpenID Content Provider Advisory Committee. The goal of the session was to answer specific questions by the Content Provider community (media companies and national affinity groups) as well as to provide feedback to the OpenID Foundation, its member companies, and the wider community on the future direction of OpenID.

Since the early 1990s, I’ve been fascinated by the concept of online identity management: what it means to have an identity online, what stays consistent with the offline world, what becomes more fluid, and what becomes more fixed. It’s a very vibrant space right now, with commercial vendors, open source projects, trends, and standards all vying for attention. I’m thinking here of a couple of overlapping categories:

Last week mixi, the largest social network in Japan, become an OpenID Provider for all of their fifteen-million plus users; one in five Japanese web users are on mixi. While they are another large OpenID Provider — which some argue is a bad thing — they are the first large OpenID Provider to also support exchanging profile information.

Its been an busy week in the world of OpenID. On Friday Ben Laurie announced a security vulnerability around OpenID that relates to existing problems with DNS and certain SSL certificates. Discussions on the OpenID General mailing list have been fruitful and the major OpenID providers out there today have disclosed that they are either not vulnerable or patching quickly. It should also be noted that none of the providers listed at openid.net/get were ever vulnerable to this attack.

If you’ve tried to leave comments here recently, bless you, and I’m sorry. First, the WP-OpenID plugin for one specific version (2.2.0) had a bug which ate comments containing double quotes, which means all comments with links in them. 2.2.1 fixes the problem. Then, Luis Villa told me in email that the Captcha on my site was unusable. So I tried it, and he’s right. A while back I installed a plugin for Mollom, which catches comments which are thought to be suspicious in one way or another, and then asks users to solve a captcha. Problem is that they were all unsolvable.

On Tuesday of this week, popular social networking site MySpace announced support for OpenID and integration with their Data Availability initiative. MySpace is launching as an OpenID provider to begin with bringing the grand total of OpenID enabled users on the Internet to well over 500 million users.

The OpenID Foundation has covered a lot of ground in the last 1.5 years since its inception. We consolidated a number of internet identity efforts, built an organization charged with promoting and protecting the efforts of this fantastic community, developed an Intellectual Property Process that will ensure OpenID stays open, brought a number of the major vendors as participants in the community. and are seeing the first signs of deployment.

Zoho really wants people to try out their applications. They have opened the doors to users with Google and Yahoo accounts to access Zoho applications without having to create a new username/password. Is this Zoho's step towards the OpenID? Or a ploy to steal Google Apps users away?

Last week SourceForge quietly added support for OpenID to their site. The news is official now. SourceForge implemented relying party support (as opposed to just being a provider) which is a trend not often seen by larger players. I wanted to talk with one of their developers to see what it took to make this all happen, especially in a large organization like SourceForge. I spoke with Luke Crouch who was the lead developer on the project.

If you use open source software then you’ve probably heard about SourceForge before.  If you develop open source software then you’ve probably even used some of their infrastructure in the past.  Today they’ve made it even easier to login to SourceForge with OpenID.  SourgeForge.net isn’t acting as an OpenID Provider but rather is accepting OpenID logins; this is a good thing and reinforces the trend of sites like Ma.gnolia only accepting OpenID logins.