Manage your online identity.

A few days ago, we rolled out ID Selector at ClaimID. Designed by the wonderful folks at JanRain, ID Selector is a nifty technology that makes the OpenID sign-in process significantly easier. Here’s what it looks like:

The ID Selector makes it easy to recall your OpenID when you’re logging into a site, solving a plethora of problems that occur when OpenID’s proliferate.  We know this will make it easier for you to log in to OpenID, and we also hope that this will drive some more of that sweet OpenID-consuming that is required to push this movement forward.

If you’d like an ID Selector from your website, simply sign up with IDSelector.com.  Great work to Brian and Co. at JanRain!

The past year has been an exciting one for OpenID. Millions of OpenID’s have been created, thousands of sites support OpenID, and a growing ecosystem of fans, developers and advocates are proving that an open approach to identity makes sense. As the network of value around OpenID grows, our OpenID providers need to be trustworthy and secure. ClaimID has long been one of the most trusted OpenID providers on the net; while we offer banking-quality security, we felt it was time to take our product to the next level.

To do so, ClaimID will integrate Confident Technologies RecognitionAUTH system. The RecognitionAUTH system offers users an innovative and highly secure second factor in authentication. This enhancement will solve many of the criticisms of the OpenID security model, providing you with an account you can use with confidence going forward.

We’re excited to be working the the Confident/Vidoop team on this integration, particularly our friend and advocate Scott Kveton. In enhancing security, we hope ClaimID users will feel more comfortable, and more secure as they choose us as their identity provider. We hope to deploy RecognitionAUTH soon - so watch this space for more details.

There’s big news from the OpenID foundation today: Google, IBM, Microsoft, VeriSign, and Yahoo! have joined the foundation’s board. This is obviously a major step forward for OpenID, but it’s also good for the entire open identity movement; the major players are seeing the value in consumer choice and control. At ClaimID, we’ve been advancing these themes since 2005, so it’s especially rewarding to see this news. From the OpenID foundation announcement:

By bringing on these companies and their resources, the OpenID Foundation will now be able to better serve the needs of the entire OpenID community. In 2008, we can expect to see a larger focus on making OpenID even more accessible to a mainstream audience, the development of a World-wide trademark usage policy (much like the Jabber Foundation and Mozilla have done), and a larger international focus on working with the OpenID communities in Asia and Europe. Awesome!

Congratulations goes out to OpenID foundation chairman Scott Kveton, and all others involved in the foundation who’ve worked on this initiative. Scott’s blogged the coverage of the announcment if you’d like some more insight. Again, congrats to the OpenID foundation for this huge achievement - today is a very big day for OpenID and open identity work.

Cross-posted to Unit Structures.

The news today from Yahoo that it will be providing OpenIDs for all of their user accounts is a welcome sight.

Yahoo has been in attendance at the IIW for a while and been planning this for some time. Congratulations on getting the scale and legal issues worked out. And welcome!

Read more at openid.yahoo.com:

Once you enable your Yahoo! account for OpenID access, you can simply tell any OpenID enabled web site that you are a Yahoo! user. You will be sent to Yahoo! to verify your Yahoo! ID and password and then signed in to the web site. Its that easy!

They’ve got a nice easy explanation of the technology for users in addition to a ‘tour’. The developer network gets a page also. Very clean implementation, well done guys.

One interesting bit about their particular set-up, which will go live at the end of January - you only type yahoo.com into an OpenID box, not your full identifier. Yahoo will do the authentication and then bounce you back to the relying party. An interesting design choice - it will be interesting to see if that practice gains traction.

Update: This “yahoo.com only” is the directed identity feature of OpenID 2.0.

Another issue that’s generating some questions among ClaimID users is how to control one’s nickname when posting an OpenID comment to blogger. The nickname is what shows up as your name in the comment. Here’s are two examples of OpenID comments; the nickname is “Fred” in one, and “This shows up” in the second comment.

To accomplish this, first I leave a comment with my OpenID URL:

Once I do this, I am sent over to the OpenID server for authentication.  As you’ll notice, it asks me for some information:

Blogger is asking for your nickname, which is what will show up as your name in the comments.  As a test, I’ve given “This shows up” as my nickname.

Success!  Now I can control what nickname shows up when I comment.   Note, if you choose “Log in and Trust” this will set your nickname permanently unless you revoke Blogger’s trust, which you can do by managing your profiles at http://openid.claimid.com.

We’ve recieved a number of questions about this, so I thought it might be useful to post it to the blog. If you’re attempting to post a comment using an OpenID to a Blogger blog, you must prepend the http:// before your OpenID. For example, the following won’t work

But with the prepended http://, it will work:

Hope this helps!

If you follow the identity space, it’s likely you’ve encountered the work of Chris Messina.  A longtime advocate of open standards and sane identity solutions, Mr. Messina’s influence was felt very early on in the ClaimID development process.  In fact, we owe him a lot of thanks for helping us think through the possibilities of many very new technologies.

For these reasons, we’re following Chris’ work on DiSo - Distributed Social Networking Applications.   He’s working with Will Norris and Steve Ivy to create a framework for applications that leverages open identity standards - OpenID, the emergent OAuth.  This framework will ensure distributed, trustworthy data and identity portability between applications, ensuring what some might call distributed social networking.

In the past few months, there’s been much talk about this idea of distributed social networking: Google’s super-standard OpenSocial, Facebook’s Platform - we’re seeing the possibilities (and the downsides) of opening up our stacks.  Of course, to the major players, this is a new land-grab; this is why Messina and co’s approach is so attractive.  Our data, the stuff that I choose to share, should be free and portable.

Needless to say, we’re paying close attention to the work on OAuth and DiSo - hopefully in a few weeks we’ll have some interesting announcements regarding our brainstorming for feature development using these new methods.  This is very powerful stuff, and we’re glad to see it coming to life.

This has been a great IIW (Internet Identity Workshop) out here in Mountain View - thanks again to Phil Windley and Kaliya Hamlin and Doc Searls, the organizers.

The feeling in the air has been more electric than in the past. There’s a definite energy in this space. We’ve had some great discussions about potential partnerships and features we think people will really love. The developer community is excited about the new specs announced and the next few months look very rich with opportunity for collaboration.

People representing the Open Social Web (claimID, Plaxo, Citizen Agency) and those big guys who run The Infrastructure (Google, MS, Yahoo, AOL, Verisign) were all sitting and talking about how we’re going to make it work for the user. It’s very refreshing and a testament to how far we’ve come in the last few years.

The two specs announced here at IIW2007b were the OpenID 2.0 spec and the OAuth Core 1.0 spec. These two specs are important because adoption of OpenID is climbing quickly (a tipping point very soon) and OAuth is a consolidation of 6-7 existing authorization protocols. Both are poised to generate lots of interest.

There was much discussion around how these two would play well with each other. It rather dominated the discussion for a couple days or so. Find a picture of the schedule wall.

The general consensus is that users will now have the tools to better take their own data and define their permissions as they move around the internet. With an underbelly of discussion around Facebook’s new offer of a global opt-out for Beacon, this conference represents the future of how this stuff is all going to work *for us* instead of *for advertisers*.

Good stuff all around. One of the best conferences I’ve ever been to and the reason I keep deciding to come back - real work happens with the people who understand what Open means.

Some very cool adoption news from the folks at Google: OpenID-based commenting will be rolled in to Blogger and Blogspot blogs.  The news comes from the Blogger in Draft blog, which has details and links.

If you’ve got a Blogspot blog and would like to enable OpenID commenting, you’ll need to log in to your account at http://draft.blogger.com (hat tip David Recordon).  Once there, you can enable OpenID commenting by browsing to Settings -> Comments, and enable “Registered Users.”  One very clear drawback here is that by placing your blog in “Registered” mode, you may no longer accept Anonymous comments.  That should be fixed by the Blogger team; OpenID commenting exists within an ecosystem that values the spectrum of identity, from anonymity to full-verification.

Two interesting pieces of OpenID news today:

1) “Blogger in Draft” has announced support for leaving comments via OpenID. This is big news if for no other reason that when Google breathes, the industry notices. Their implementation is good, but still needs some interface work and completeness with regards to delegation. I expect they’ll get things polished very quickly once any user-flow issues are dealt with. No doubt there will be many people eager to see how robust their solution is - if/when they roll this out across their other properties, OpenID becomes significantly more visible.

2) I saw announced today a new service from two self-described ‘research coneheads’ at Microsoft Research - InkblotPassword. InkblotPassword is an OpenID provider that allows your password to be a collection of self-descriptions of inkblots that the site provides. When you enter your username, your inkblots are shown to you and you enter your self-assigned ‘descriptors’. You end up with a very strong password that is easily remembered - since you’re actually being prompted by images that become familiar to you over time. Very fascinating. The interface is a little rough, but make sure to use the giant question mark help button on the upper-right. It will explain everything just fine.

See you at IIW next week. Come say hello.