The Best and the Worst of Times: Whence Internet Identity?


The 10th Internet Identity Workshop this week had record attendance. Since that first one, five years ago, amazing adoption has happened: pretty much all major technology companies have implemented, more than a billion identities in the market, tens of thousands of sites accept them, more people show up to IIW — it must be the best of times.

But it is also the worst. To quote Phil Windley’s summary (go there, read the whole thing, it’s worthwhile):

InfoCards are largely dormant at this point. Kim Cameron, the father of InfoCards, has abdicated to France…

The only other player, Azigo, isn’t releasing updated selectors either… All of this adds up to a situation where no one would be comfortable adopting InfoCards…

OpenID continues to thrash towards becoming a viable solution. The politics surrounding OpenID are worthy of a soap opera…

If Phil had the harsh words for Cardspace and information cards this week, I guess I had the harsh words for the OpenID camp last week, calling what’s being developed there the Open Pile: turns out not one person (neither on the blog, nor in person) that I talked to this past week disagreed with my diagnosis; most agreed enthusiastically. But then everybody tends to turn around and has great fun adding more overlapping versions of protocols to the pile. Somebody go figure, because I don’t get it. How do we accomplish our vision of portable internet identity if we add more incompatibilities and never remove any?

So where does this leave us? Twelve steps forward and eleven back, taking two detours in the middle. Or something like that. The movement goes on. Thrashing, like a soap opera, as Phil says. There’s a pony in there somewhere waiting to come out, as John Panzer commented. Well, that pony better be patient.


2 responses to “The Best and the Worst of Times: Whence Internet Identity?”

  1. Ping demonstrated something like that this week at IIW: essentially using an iFrame for each likely Idp. Is that what you had in mind?

  2. Okay, wacky notion that just occurred to me: To reduce the “NASCAR badge” effect, what if there were a way for a web site to invisibly query the various identity providers, with the possibility of some additional browser query to see if the user has an OpenID? Yeah, potential privacy issues out the proverbials, but if my site could load each of those potential login options from the various sub-providers themselves that could reduce the login load to “click on which of these badges you’d like to use to login”.

    As I said, I don’t know off the top of my head how to tell my browser to always say “Use my OpenID”, but automating that, as well as FB Connect and Twitter and Google and such might be a way to salvage something from the smoking wreckage that OpenID’s become.