Laptops - Notebooks - Laptop Computers - Desktops - News

As much as Yahoo's OpenID support is worthy of applause, perhaps that applause should remain one-handed for the time being. After all, the company's upcoming beta campaign to allow members to tap the fledgling digital identity framework is, at this point, but a one-handed endorsement of user-centric identity.

Placing users at the center of identity transactions, OpenID is a relationship-based approach to authentication, in which relying parties ping a user's identity provider of choice to validate the user's identity. The model is part of a larger trend that involves the incorporation of user-centric technologies in pursuit of ever-elusive federation.

[ For more on user-centric federation, see Federating identity for the Web. ]

By far the most prominent name to sign the list of folks willing to vouch for user's identities in the three-party relationship-based model, Yahoo has yet to outline plans for reciprocity. In other words, Yahoo will allow you, Web site, to trust its relationships but won't be accepting the word of any other OpenID identity provider at this time.

[ For more on OpenID, see Understanding OpenID and CardSpace. ]

This move does, of course, expose upwards of 250 million users to the framework, certainly increasing OpenID's prospects for achieving wider acceptance. And it is welcome from an end-user perspective, in terms of extending the value of a single Yahoo log-in. But OpenID's success as a whole hinges on the channel of authentication queries being a two-way street -- unless, of course, identity is to evolve into a service offered by a handful of providers.

Which, on the face of things, could be what this announcement is ultimately about -- a pitch for users to put Yahoo in their longed-for single sign-on wallet before Google offers a competing alternative to the multitudes already splitting their time between Google and Yahoo log-ins.

Other vendors reportedly examining an OpenID push include IBM and VeriSign.

But until Yahoo makes good on talk of allowing users to choose a different identity provider when logging in to Yahoo services, this will remain more about offering identity management pain alleviation to smaller sites in exchange for ever more valuable information about the kinds of non-Yahoo services Yahoo users are tapping when not trolling the Yahoo-owned domains.

A user-centric strategy, yes. But by not exposing itself to the relying-party end of the OpenID authentication handshake, Yahoo may be taking a slightly different user-centric tack than the OpenID faithful ultimately hope Yahoo intends.

Related resources
• Federating identity for the Web
• Understanding OpenID and CardSpace
• Podcast: An identity layer for the Web
• Podcast: User-centric identity in the enterprise

Digital identity is fast undergoing a quiet revolution, one that situates users at the center of identity transactions, granting them greater control over their credentials as they navigate the Web.

The movement, labeled "user-centric identity," is working to refigure identity relationships into a more intuitive structure, bringing, in some cases, the wallet and ID card metaphor to digital identity transactions and, in others, allowing URLs to vouch for user identities.

Kim Cameron, chief identity architect at Microsoft, is a central figure in this movement, for which his Seven Laws of Identity provide a foundation. So intriguing is the model that some see user-centric identity technologies such as OpenID and Microsoft's CardSpace figuring prominently in the enterprise's quest for federation.

InfoWorld Contributing Editor Phil Windley talks with Cameron about the advantages of placing the user at the center of enterprise identity systems via these burgeoning technologies.

 LISTEN!

User-centric identity
Special report: Placing the user at the center of identity
Federating identity for the Web
Understanding OpenID and CardSpace
Podcast: User-centric identity in the enterprise

ADVERTISEMENT
IBM and SOA: Create Enduring Impact
SOA can bring your business and IT in closer alignment, giving you flexibility and agility to achieve an enduring impact on your business. Hear IBM’s exciting new announcements. Innovate your business model, make IT a change enabler and improve your SOA skills.