It was at the end of 2004 when I decided to start telling the world about this silly little idea I had had about a year before: give every person on the internet a URL that they could use to identify themselves to any website. Fully decentralized, no permission needed from anybody, under control of the user and so simple to implement and host, it could literally be everywhere.
This week the OpenID Foundation announced that now, exactly 5 years later, more than one billion identity URLs (now called OpenIDs) are operational on the internet. Not bad, I’d say. From 1 to a billion makes a compound annual growth rate of something like 6300%, over five years.
Time to compare the original vision with what it turned out to be. Well, some salient aspects of it anyway:
|In 2004, I thought:||In 2009, it turned out:|
|URLs as identifiers for people is a silly little idea that just about every expert thought could never be more than a toy. A “unicycle”, as a memorable quote from one would-be pundit went.||Seems the world has gone unicycle. The pundits were all wrong. All alternative internet identity protocols (more sophisticated, more complex, more “serious”) since have stagnated, reversed, or never gotten off the ground.
Lesson: never mind established wisdom, particularly if it’s more complex and more expensive.
|Other than their URL-ness, none of the originally proposed protocol components got adopted in exactly the form I proposed them.||However, I was 100% on target with the architecture and its main parts and their relationships: identifiers, discovery, decentralized operation with no central party, pluggable system with decentralized innovation, cryptography, personal information exchange, decentralized schemas etc. In some places, I’m confident we’re going to get closer to what was originally proposed again, such as 1. the ability to use public key cryptography, 2. pull and not just push information, and 3. more complex schemas than name-value pairs. But no matter, I never intended to start a “my protocol is better than your protocol” fight, it’s boring. The architecture is what matters and it did get adopted.
Lesson: Get the architecture right and don’t worry about the details. If what you are proposing is appealing, it will proceed in its own way, compromises, politics, bad tradeoffs and all. But proceed it will.
|I thought the big guys (Google, Yahoo, …) would be the last ones to adopt open, anybody-can-play, loosely-governed identity protocols, and they would play an embrace and extend strategy. I thought uptake would come from the B and C players first.||I was dead wrong. The bigger and more important the internet company, the faster they adopted it it seems. The B and C players, in many cases, still have no idea what this is all about and why they should have been faster than the big guys. I’m still puzzled whether the big guys show a genuine change in business strategy re open/closed systems, or a temporary blink. But all the better!
Lesson: Eat where the hors d’œuvres are served.
|I was hoping a few guys would plug into the discover-services-from URLs framework (which, from
||I was not prepared for the onslaught of innovation all over the place that started using the same architectural principles, and even some of the protocols. It’s amazing, and there’s no end in sight. More protocol innovation was sparked in this context than anywhere else in the last 5 years I daresay.
Lesson: If you have an idea, put it out there. It might spark amazing other ideas.
|I originally called it Light-Weight Identity™ (LID™) for a reason: my goal was to make it implementable in an afternoon, so it could be implemented “everywhere”, even the smallest community site.||Design by committee was the price to pay for broader adoption. Some of this stuff has really become needlessly complex; you might need an afternoon just to assemble the list of protocols to read. But then, as long as that needless complexity does not hurt adoption, who am I to complain?
Lesson: in the end, everything becomes bureaucratic, sadly enough.
|My talking about this silly little idea originally was a wild shot to see whether there was a business to be had somewhere.||We are still waiting. But then, things may be changing on this one. A billion is hard to ignore.
Lesson: Eile mit Weile, as they say in German.
I did not run for the OpenID Foundation’s Board of Directors this year. I think I’m done there: I’m more of an inventor and innovator and entrepreneur than somebody excited about the daily grind of non-profit work of getting those billion OpenIDs used more every day, one day at a time.
Looking backwards, I think I need to be supremely amazed that this “silly” idea has had such amazingly powerful legs to walk that far. To be clear, if I hadn’t thought of it (and my wife Tammy hadn’t prototyped it), somebody else would have within a couple of years, most likely. And many, many people brought their ideas into the picture without which we would not have come to where we are. Thank you all, this is a story of collective barnraising. Success always has many
fathers parents, and I mean that sincerely; in this case probably about a dozen. But still, it’s amazing to look back and trace a straight line over 5 years to the idea of the barn in the first place, and its basic architecture. Here it is, the barn, 5 years later, a billion strong. Not many times that anybody can claim to have had a hand in sparking something that became billions.
The jury is still out whether any meaningful money can be made around this. But I’m getting more optimistic: a billion is hard to ignore, in particular if all major players are on board, which they are. So going into 2010, I’m feeling like it’s time to do some serious business, and I think I know just where to start (contact me if you like)
So far, so good ;-)
Happy Holidays to you all!!