Manage your online identity.

If you follow the identity space, it’s likely you’ve encountered the work of Chris Messina.  A longtime advocate of open standards and sane identity solutions, Mr. Messina’s influence was felt very early on in the ClaimID development process.  In fact, we owe him a lot of thanks for helping us think through the possibilities of many very new technologies.

For these reasons, we’re following Chris’ work on DiSo - Distributed Social Networking Applications.   He’s working with Will Norris and Steve Ivy to create a framework for applications that leverages open identity standards - OpenID, the emergent OAuth.  This framework will ensure distributed, trustworthy data and identity portability between applications, ensuring what some might call distributed social networking.

In the past few months, there’s been much talk about this idea of distributed social networking: Google’s super-standard OpenSocial, Facebook’s Platform - we’re seeing the possibilities (and the downsides) of opening up our stacks.  Of course, to the major players, this is a new land-grab; this is why Messina and co’s approach is so attractive.  Our data, the stuff that I choose to share, should be free and portable.

Needless to say, we’re paying close attention to the work on OAuth and DiSo - hopefully in a few weeks we’ll have some interesting announcements regarding our brainstorming for feature development using these new methods.  This is very powerful stuff, and we’re glad to see it coming to life.

This has been a great IIW (Internet Identity Workshop) out here in Mountain View - thanks again to Phil Windley and Kaliya Hamlin and Doc Searls, the organizers.

The feeling in the air has been more electric than in the past. There’s a definite energy in this space. We’ve had some great discussions about potential partnerships and features we think people will really love. The developer community is excited about the new specs announced and the next few months look very rich with opportunity for collaboration.

People representing the Open Social Web (claimID, Plaxo, Citizen Agency) and those big guys who run The Infrastructure (Google, MS, Yahoo, AOL, Verisign) were all sitting and talking about how we’re going to make it work for the user. It’s very refreshing and a testament to how far we’ve come in the last few years.

The two specs announced here at IIW2007b were the OpenID 2.0 spec and the OAuth Core 1.0 spec. These two specs are important because adoption of OpenID is climbing quickly (a tipping point very soon) and OAuth is a consolidation of 6-7 existing authorization protocols. Both are poised to generate lots of interest.

There was much discussion around how these two would play well with each other. It rather dominated the discussion for a couple days or so. Find a picture of the schedule wall.

The general consensus is that users will now have the tools to better take their own data and define their permissions as they move around the internet. With an underbelly of discussion around Facebook’s new offer of a global opt-out for Beacon, this conference represents the future of how this stuff is all going to work *for us* instead of *for advertisers*.

Good stuff all around. One of the best conferences I’ve ever been to and the reason I keep deciding to come back - real work happens with the people who understand what Open means.

Some very cool adoption news from the folks at Google: OpenID-based commenting will be rolled in to Blogger and Blogspot blogs.  The news comes from the Blogger in Draft blog, which has details and links.

If you’ve got a Blogspot blog and would like to enable OpenID commenting, you’ll need to log in to your account at http://draft.blogger.com (hat tip David Recordon).  Once there, you can enable OpenID commenting by browsing to Settings -> Comments, and enable “Registered Users.”  One very clear drawback here is that by placing your blog in “Registered” mode, you may no longer accept Anonymous comments.  That should be fixed by the Blogger team; OpenID commenting exists within an ecosystem that values the spectrum of identity, from anonymity to full-verification.

Two interesting pieces of OpenID news today:

1) “Blogger in Draft” has announced support for leaving comments via OpenID. This is big news if for no other reason that when Google breathes, the industry notices. Their implementation is good, but still needs some interface work and completeness with regards to delegation. I expect they’ll get things polished very quickly once any user-flow issues are dealt with. No doubt there will be many people eager to see how robust their solution is - if/when they roll this out across their other properties, OpenID becomes significantly more visible.

2) I saw announced today a new service from two self-described ‘research coneheads’ at Microsoft Research - InkblotPassword. InkblotPassword is an OpenID provider that allows your password to be a collection of self-descriptions of inkblots that the site provides. When you enter your username, your inkblots are shown to you and you enter your self-assigned ‘descriptors’. You end up with a very strong password that is easily remembered - since you’re actually being prompted by images that become familiar to you over time. Very fascinating. The interface is a little rough, but make sure to use the giant question mark help button on the upper-right. It will explain everything just fine.

See you at IIW next week. Come say hello.