Internet identity is about authentication

Last time, we used a wiki from SocialText that Ross Mayfield generously donated. This worked well, but we thought it might be fun to use some of the technology that the workshop is talking about, so we installed a copy of MediaWiki and patched it to use OpenID. The patching process wasn't as easy as I'd have like, but ultimately we got it done.

If you're not familiar with OpenID, it's a distributed authentication system. Period. There's no authorization piece and not even a way to store and transfer identity attributes. Just authentication.

I've talked to people about OpenID and had some curious reactions when they try to figure out how you'd use something that's just about authentication. Most enterprise product conflate the tasks of authentication and authorization and end up short changing authentication. The trouble is that many people use them mainly for authentication because the underlying apps were built to handle authorization on their own. Consequently people are stuck with a poor authentication system married to an authorization system that they hardly use.

The world of Internet identity is full of authentication projects. That's the primary topic. Authentication is something that can be, and frequently is, delegated to an outside party. OpenID is probably the simplest because it just does pure authentication. Further up the functionality spectrum i-Names are LID, SXIP, InfoCard.

There's another development that was accelerated at the last Internet Identity Workshop called Yadis. Yadis marries OpenID, LID, and i-Names with a protocol negotiator so that you can use any one of the three to authenticate at any site that is Yadis-enabled. As soon as then have a MediaWiki patch, I'll update the IIW wiki to use it.

Meanwhile, if you want to explore the user side of OpenID, pop over to MyOpenID, sign up for a free OpenID, and log into the IIW wiki. While you're there register for the workshop. We'd love to see you there.