If 'you' build OpenID, will 'they' come?
In case you missed it last week, Microsoft is taking another swing at the idea of single sign-on technologies. Its first, Passport, failed miserably. Called Windows Live ID (following in the footsteps of everything else "Windows Live"), I guess you could call this "Son of Passport" or "Passport: The Sequel." The question is (for Microsoft as much as anyone else), down the road, will we have "Passport The Thirteenth"?
For what it's worth, Microsoft is making some of the right moves in its release of Windows Live ID (WLID). The Software Development Kit makes it possible for Web developers to build WLID componentry in just about any scripting language that matters (PERL, Python, Ruby, etc.) which also means it should work on servers other than Windows Servers (eg: Linux). Additionally, it's open. Whereas with Passport, Web site operators had to go through Microsoft to federate their authentication systems with Microsoft's infrastructure, now, there's no hassle for third parties to engage in such federation. Just do it.
When I saw the announcement, the first thought that went through my mind was whether or not Microsoft's WLID service would also "double" as an OpenID node. OpenID is another single sign-on specification that has been gaining traction in open circles (no suprise there) and the number of OpenID nodes (providers of OpenID-based authentication) is growing. My first encounter with OpenID (when I established my own ID as a user) came when I integrated Facebook and Twitter. The process required me to get an OpenID to make use of Twitterfeed.com -- the 3rd party intermediary that turns Facebook status updates into tweets on Twitter.
In light of the WLID announcement from Microsoft and given the discussions that the Redmond company's chief identity architect Kim Cameron and I have had (see After Passport, Microsoft is rethinking identity) about where Microsoft has to go to be more of an open player on the identity front, I tried to track him down to get an update on why WLID and OpenID don't appear to be interoperable (I could be wrong on this). I figured he'd have something to say about this and found my way to a blog entry that he published on the same day. It didn't make special reference to the WLID news. But, to the extent that he's one of the deep thinkers on identity at Microsoft, it provides some clues with respect to Microsoft's thinking when it comes to some sort of single identity infrastructure on the Net.
He picks up on fellow Microsoftie Dare Obesanjo's treatise on the moving parts of a federated authentication system: the ID providers (eg: an OpenID node like Verisign or a WLID node like Microsoft), the supporting Web site (eg: Twitterfeed.com as a site that supports OpenID)%