Understanding OpenID is not easy

openid Last year, I signed up to get an OpenID.

I didn’t fully understand what it could do but I did believe that it would become more important, not to mention useful, to have a means by which you could identify yourself with a trusted common ID on websites where normally you’d have to separately register each time with a user name and password.

I did understand the de-centralized aspect of it all where you’d choose from a selection of organizations who offer OpenID services.

I went with VeriSign’s Personal Identity Provider. Why VeriSign and not one of the other providers? Mainly because I knew of VeriSign and associate them in my mind as a trusted company in the broad area of security online.

Anyway, I’ve had my PIP OpenID identity for some while, but I’ve never actually used it.

And that’s because I still don’t really understand how to.

What is OpenID? Don’t look for an easy explanation on the OpenID website (try and understand this). Instead, the simplest-to-grasp that I’ve seen is in the Wikipedia entry:

OpenID is a decentralized single sign-on system. Using OpenID-enabled sites, web users do not need to remember traditional authentication tokens such as username and password. Instead, they only need to be previously registered on a website with an OpenID “identity provider”, sometimes called an I-broker. Since OpenID is decentralized, any website can employ OpenID software as a way for users to sign in; OpenID solves the problem without relying on any centralized website to confirm digital identity.

TypePad has something similar with its TypeKey service, although it’s not had wide take-up outside of the TypePad community of users.

Yesterday, I received an email from PIP telling me of a range of improvements to the service.

Things like:

  • Support for OpenID 1.1 and 2.0
  • Ability to create multiple identities managed from within a single user account
  • New “tag based” profile data management interface making it easier to view and sort all of your profile data
  • Ability to download managed Information Cards for each of your created identities to use with technology such as Microsoft’s Cardspace
  • Strong authentication support via second-factor credentials from the VeriSign Identity Protection network (PayPal tokens can now be used on the PiP), along with the ability to have a one-time PIN sent via SMS or email if you’ve forgotten your credentials

Yes, well, that’s all great, and indicates advances in further developing the trusted aspects of this service, but I still don’t feel incentivized to go out and use my OpenID anywhere.

For one thing, I hardly see any websites or blogs that employ OpenID. And that’s when I actually visit websites and blogs, which I don’t do that much because I’m an RSS creator-consumer.

Mind you, one new feature from PIP which looks very interesting is the Seatbelt, a Firefox extension that lets you manage all your OpenID sign-ons without going to the PIP site all the time. Things like this start making it all easier to understand.

And on that point about understanding, I was beginning to think it’s just me with this difficulty. Then I found Jan Miksovsky’s terrific post in which he starts out with this:

[...] [OpenID] sounds great, but in practice I found the whole process bewildering. In my opinion, it’s not ready for consumer use.

Absolutely right. It seems to me that OpenID is still a very early-adoption technology, the domain of serious geeks and tech enthusiasts.

Well, I’m as enthusiastic as the next geek but I just don’t really get OpenID yet.

Maybe it’s by using tools like Seatbelt and paying attention to people like Jan Miksovsky that will bring some enlightenment.

About Neville Hobson

Entrepreneurial business communicator with a curiosity for tech and how people use it. Early adopter (and leaver) and experimenter with social media. Co-host of the weekly business podcast For Immediate Release: The Hobson and Holtz Report. Also an occasional test pilot of shiny new objects. Follow me on Twitter and Google+.