JanRain Blog

Demand OpenID! is a new service which enables you to demand OpenID login support from websites you visit everyday. It’s a simple website and bookmarklet that provides a “one click call to action” for requesting support at your favorite websites.

How does it work? After you sign in for the first time, you’ll be given a bookmarklet to add to your web browser. Later, when you visit a website that asks you to log in and you wish it had OpenID support, just click the bookmarklet to have your vote recorded on the Demand OpenID website. Take a look at the demands for OpenID on Twitter. The service is unique in that it requires a user to log in with their OpenID, and publicly displays their votes on the website. It shows that these are people who have OpenIDs, and want to use them at websites across the internet.

Get started at demand.openid.net.

One of the most useful statistics to track the growth of OpenID is the count of Relying Parties (web sites that accept OpenID). Since launching myopenid.com nearly three years ago, we have been able to provide a fairly decent view of the RP landscape. Two and half years ago it was like Christmas every time a new site appeared. Whereas today we regularly see a 100 new unique sites a day.

Since we started providing these numbers, we’ve taken a conservative approach in what we call an RP. We strip out what appears to be purely dev testing. Anything with localhost, .local, ports other than 80 & 443 gets tossed. We also consolidate obvious related trustroots into one. For example sites like 37 signals, wetpaint and others, create many unique trustroots (which is perfectly valid), but for a truth in numbers sake we don’t count these as a separate 1000 sites, we count them as 1. Sometimes these patterns aren’t immediate obvious and we retroactively add them to a filter list. This can cause the RP count to be adjusted slightly downward over time.

At the end of April there were 13196 RP’s. At current rates, this number doubles before the kids go back to school in the fall, but I suspect we will be at a steeper growth curve before that time (more on this in another post).

Today we released an important piece of code to help enable web applications accept Microsoft Information Cards. It’s a Python library and PostgreSQL database interface that uses libxmlsec and OpenSSL. This code does not depend on any Web framework, and the database implementation should be easy to generalize. The library is available under a BSD license.

Though the library is only available in Python, it could be used as a reference implementation for those wanting to implement Information Card verification in other languages. The project is available here:

http://code.google.com/p/py-self-issued-rp/

This is a notice that myOpenID will be having a maintenance
outage starting at 14:00 on 2008/02/03, US Pacific Time
(GMT -7 hours). The outage may last as long as 60 minutes,
but is expected to be considerably shorter.

The reason for this outage is:

Network modifications to enable new services

During the outage, the myOpenID website may be unavailable or
unresponsive, and users will be unable log into OpenID-enabled
websites using their MyOpenID accounts. The latest information about
this and other myOpenID events can always be found on
http://janrain.com/blog/

We apologize for the inconvenience. If you have any questions, please
contact us at support@myopenid.com.

With OpenID back in the news, it is logical for people new to the technology to ask ‘Where can I learn more about OpenID?’ Well there are many resources out there for anyone wishing to learn about OpenID and we will go over a few of them here…

A great way to learn about OpenID is in person. The first event I attended for JanRain was BarCampPortland and it was incredible. Among other highlights I was thoroughly educated about OpenID. I was able to ask questions in the ad-hoc sessions and then follow up with fellow attendees as the event progressed.

If you will be in the San Francisco area in the very near future there is an OpenIDDevCamp coming up this weekend, January 11-January 13, 2008 at Six Apart. You can find more information on the event at the OpenID foundation blog or on Upcoming. Don’t worry if you can not attend, there are BarCamp like events being held all over the world and notes from this event will be posted in the OpenID channel on Pibb.

Interested in learning about OpenID before you jump into a *Camp event? Then you are in luck, there are a plethora of online resources available for anyone wishing to learn more about this great technology:

• JanRain’s OpenID Primer
  • OpenID channel on Pibb

• The OpenID Foundation
  • What is OpenID?
  • How do I get an OpenID?
  • Where can I use OpenID?

• Videos / Screencasts
  • ‘OpenID According to Dave’ (from Vidoop)
  • How to use OpenID (a screencast from Simon Willison)
  • Single Sign-on with OpenID (from ScreenCastsOnline)
  • Two OpenID Screencasts (Logging in to Drupal and Ma.gnolia using OpenID, from Bryght)

If you are still hungry and want to dive down deeper…

• OpenID Guides / Recipes
  • A Beginner’s Guide to OpenID at Not So Relevant
  • OpenID Guide for End Users / Logging in with an OpenID
  • Marketing OpenID (from an RP standpoint)
  • OpenID explained in 5 points
  • Plaxo recipe for OpenID-Enabling Your Site

• Reviews of OpenID Providers
  • SpreadOpenID.org - OpenID Provider Comparison
  • How well does your OpenID Provider stackup?

• Staying informed.. fire up your RSS Reader
  • Subscribe to the RSS feed for Planet OpenID
  • Setup a Google (or any) news alert for ‘OpenID’
    
  • OpenIDEnabled.com, home of JanRain OpenID librariers, has an RSS feed for library updates
    

Now that you have educated yourself about OpenID help spread the word, put on an OpenID session for your next local meetup/camp/event!

myOpenID is JanRain’s public OpenID provider service. As the largest independent site for establishing an OpenID on the internet, myOpenID.com has been online for two years and continues to grow with the spread of OpenID. myOpenID has been built with a focus of providing its members with features that enhance reliability, security, and usability.

Prominent features include:

• Choice of authentication methods including password, Microsoft CardSpace, and Client Certificates.
• Multiple registration personas
• Secure HTTPS identifiers available to each user
• Account activity/audit reports
• Affiliate program for site developers

and we are happy to announce these great new features:

• You can now personalize your myOpenID identity page. Upload your own avatar that will be passed to sites that ask using the Pavatar protocol, choose from a (small, but growing) selection of skins, or scrape your identity page to pull out your information in hCard, and MicroID formats
• You will also notice that your personas page has a new look as well as some new features. Support has been added for OpenID Attribute Exchange, and for adding URLs. This makes it easy to share links to your blog or other websites by showing them on your identity page or passing them along with Attribute Exchange.

Here is an example of my identity page:

Check out my identity page in person!

If anyone has any questions about these new features please post your bug reports/thoughts/feedback in the myOpenID channel on Pibb

In case you were wondering what you missed at this years Internet Identity Workshop there is a Massive Internet Identity Workshop (IIW) Video Recap over at CenterNetworks which is definitely worth checking out.

Highlights include the OpenID 2.0 specification and OAuth Core 1.0 Final being released. What does all this mean to you? Well it means that the web that we all want is actually starting to emerge.

Check out this video from JanRain’s CTO Michael Graves:

1. You will learn everything there is to know about what is going on in the identity space…

OK, so I exaggerate, more likely you will learn how much you don’t know. Internet Identity Workshop is a bi-yearly event that “focuses on user-centric identity and identity in the large. It is a working meeting for a range of groups focused on the technical, social and legal issues arising with the emerging identity layer of the web.”

This year it will be held December 3-5 2007 at Mountain View’s Computer History Museum. Its not too late to register!

I had been working for JanRain for a couple weeks when I attended IIW 2007a and it was an awesome experience. I posted notes from many of sessions I attended on Pibb. At the end I knew more about all the different facets of identity (online/offline) than I could have ever imagined and made some good friends.

JanRain and Vidoop worked together to create a simple one page document explaining OpenID; ‘OpenID - Web Identity That You Control’, which will be handed out in an information packet during Monday’s activities.

2. Announcements, Announcements, Announcements

You may have heard that there will be some kind of OpenID 2.0 announcement at IIW2007b.

Google has already announced OpenID support for their Blogger product. At IIW2007a Sun announced a Non-assertion covenant for projects using OpenID, notes are on Pibb.

3. Chance to meet and network with some great people

The IIW events are organized by Phil Windley, Kaliya Hamlin and Doc Searls, who are great ambassadors for the identity community and are very approachable, if you attend I highly suggest taking time to meet each of them. JanRain will be represented by Michael Graves, Josh and Kevin (not Fox…). ClaimID will also be represented, and you can see who else is attending here.

4. Shameless plug here… Pibb will be the communication backchannel for the event

Click here to be taken to all the IIW 2007b action!

First off, let’s get some prelimary affirmations out of the way: OpenSocial is a step forward in the social networking/digital identity ecosystem. We’re better off for having it available. It was fairly inevitable that a framework of kind would emerge in this area in reaction to the Facebook juggernaut, and in some significant ways, OpenSocial is well suited to achieving its basic goals.

It’s those basic goals that are underwhelming, disappointing. It shouldn’t be surprising to hear that we at JanRain digest developments like this with a keen interest on how this fits in with OpenID. And OpenID — or any namespace component — is conspicuously missing from OpenSocial. From initial passes at the APIs, OpenID will integrate quite nicely with OpenSocial, but the fact that OpenSocial has limited itself to interop and exchange between walled-gardens and silos severely limits its value to the user.

For example, consider a team of developers who want to develop a “social-network-aware travel calendar” - something a friend and ex-colleague of mine is actually working hard at right now. OpenSocial represents a step forward in reducing the burdens and headaches for this developer. By leveraging the OpenSocial APIs, the developers can expect to deploy their travel calendar apps inside the participating online communities in a much cleaner, standardized way; getting the social graph and attributes from the “host” has gotten much easier for the developer with OpenSocial.

But the key word there is “inside”. The disruptive, value-generating improvements for the user are realized in the “mashability” of the travel calendar app, not in its “embedability”. What benefits the user is that ability to log in to the travel calendar app and pull in the relevant social network data from all the appropriate sources. Tim O’Reilly makes a similar point with this example:

“Imagine what would have happened to Google maps if instead of supporting mashups, they had built a framework that allowed developers to create mapping applications across Microsoft, Yahoo! and Google as a way of competing with MapQuest. Boring! That’s the equivalent of what they’ve announced here.”

It’s no mystery why OpenSocial is structured this way: it’s designed to let other walled-gardens compete with Facebook, the runaway leader in walled-gardens in the social network ecosystem. It would be a design flaw for OpenSocial to integrate OpenID and expose the data isolated in those walled gardens. The mashups would be fantastically rich and useful for the user, but would displace the “location” of the user — an OpenID is a portable, autonomous identity, after all. It breaks down the walls of walled gardens.

It shouldn’t be a surprise, then, to see OpenSocial appear in the form it has. I’d frankly have been shocked if it had been designed around a unified namespace and portable identity — OpenID, in other words. Ecosystems evolve, and while OpenID is growing fast, and accelerating its growth as we near the release of OpenID 2.0, its disruptiveness is problematic for the parties involved in putting out OpenSocial. Over time, I believe the momentum and disruptive nature of OpenID will force a re-orientation of relationships between users, social networks and service providers, but for now, OpenSocial is just the next skirmish in the war between the walled gardens.

JanRain runs MyOpenID.com which offers a free affiliate program to site owners. Sign up is simple and gives you an easy way to setup users of your site with OpenID accounts. An affiliate link, when clicked on, will start the OpenID signup process for a member and when completed will log the user back in to your site automatically. Starting your members off on the OpenID creation process via an MyOpenID affiliate link makes for a better experience and makes sure the person returns to your site satisfied.

Ok so thats great, but why the MyOpenID affiliate program?

1. OpenID is the future

• You can read through the numerous posts on the JanRain Blog, OpenID.net, or just check the latest news to get facts/figures/trends showing how OpenID is going supernova.

• While you may not go OpenID exclusively, you will want to allow people to login using an OpenID. Implementing OpenID is easy and instantly opens your site’s doors to millions of OpenID account holders.

• You will want to make getting an OpenID as easy as possible for new members.

• As OpenID adoption increases so will the number of OpenID providers. New members will not want to have to shop around for the best OpenID provider, possibly ending up with a provider that is not reputable and spoiling that member’s experience on your site. Instead an affiliation with an established OpenID provider like MyOpenID will beneficial for the new member and your site.

2. OpenID is Core to our Business

• JanRain actively develops many of the libraries and tools currently in use and we have an in-depth understanding of how the technology works

3. JanRain operates one of the top OpenID providers - MyOpenID

• Don’t take our word for it, check out these independent reviews of different OpenID providers
  • Eight top OpenID providers comparison
  • OpenID Support Comparison (extensive)

• MyOpenID makes sure your member’s data is secure
  • MyOpenID will always use SSL when asking for sensitive information like a member’s password.
  • Our servers reside in a physically secure and monitored collocation facility.
  • There is an audit trail of all account activity, what sites an OpenID was used to login to and when, etc. are all listed when a member signs in.
  • Members can use a Client Side SSL certificate, using this certificate avoids the necessity to enter any sensitive information, such as a password.
  • Members can upload a ‘Personal Icon’ that will only show up on MyOpenID, if a site looks like MyOpenID but does not have a members Personal Icon showing, they will be able to immediately tell that they are being phished.
  • We worked with Microsoft to implement Information Card support for MyOpenID.com
  • Safe Sign-In, with Safe Sign-in activated, MyOpenID will only ask for your password on the “Sign In” page: https://www.myopenid.com/signin.
    • If a member is ever asked for their MyOpenID password anywhere else, they will know something is wrong.

• MyOpenID will always support the latest and greatest OpenID specification and feature set.
  • Sending your members to a feature rich and secure OpenID provider such as MyOpenID.com will ensure they continue to have the best experience with your site.

4. Our affiliate program for MyOpenID is the best..

• 2,000 Affiliates are already signed up…
  • Ma.gnolia.com - Find Websites & Build Community Online
  • EnThinnai - A Novel Approach to Social Networking
  • Peeron - LEGO Set Inventories
    
  • Spotplex - What people read most today
  • Velog - the social cycling log
  • Your Site dot com …. ?

• We will add you to our OpenID Site Directory
  • There is only one other…
  • Note: Even if you are not an affiliate please let us know if your site is OpenID enabled

• Our 2nd tier affiliate program will let you sign up users with OpenID accounts in the form of username.yourdomain.com (or whatever domain you choose) and host your own user pages. This is for sites that already have user pages that they want to convert to OpenID accounts.

We are confident that you will find MyOpenID to offer your members the best login and registration experience and offer you (the site operator) the best options for branding and promotion. Please let me know if I can answer any questions.

Kevin Fox
https://pibb.com/me/kfox.myopenid.com