|
Sunnyvale, California-based Internet company Yahoo has agreed to adopt the OpenID open source Web  identification system that will allow the use of a single sign-on for numerous Web sites, with a public test version becoming available at the end of January 2008, according to a statement issued Thursday. By backing the OpenID Web sign-on standard, which seeks to make it easier for people to manage usernames and passwords for multiple unaffiliated online destinations, Yahoo will more than triple the number of OpenID users by adding its 248 million active registered users to the 120 million existing OpenID accounts for a total of 368 million users. There are an estimated 9,000 Web sites presently supporting the OpenID program that Yahoo has now put its weight behind, including to a limited extent search leader Google's blog application Blogger. About OpenID The OpenID 2.0 digital identity framework, created by Brad Fitzpatrick, a former founder of LiveJournal and most recently a supporter of Google's OpenSocial platform, will allow users to consolidate separate login information into one decentralized and free OpenID account which would instead provide a single identification system for all Web sites supporting the standard. An OpenID holder will be able to sign-on once each session at either Yahoo's new OpenID Web site, me.yahoo.com, at  any online destination that supports OpenID, or by Yahoo sign-on buttons placed on participating Web sites. Yahoo plans to have its OpenID implementation working with users of Plaxo and JanRain, two of several partners it has worked with on the OpenID framework, from the initial launch date of January 30. Yahoo's implementation of the single sign-on system, which it claims to be the most user-friendly online user-authentication system, is based on the OpenID 2.0 standard that it helped finalize in December 2007, and is not backward compatible with an earlier 1.0 system. Yahoo will continue to work with the OpenID program, which has also been adopted in part by AOL, Microsoft, Sun and Novell, as improvements are made and new elements are added, the company says. Yahoo will work in conjunction with the OpenID Foundation, a legal entity set up as the steward for the OpenID community, to make sure it provides "something that allows users to quickly and easily login to any site with just one username and password," as Scott Kveton, chairman of the
Board of Directors for the OpenID Foundation, wrote on Yahoo's official blog Thursday. Yahoo Director of Membership and Registration Raj Mata sees the agreement announced Thursday as "just the first step in working with OpenID," he said in an article in TechCrunch. Creating a Single Trusted-Partner Sign-on Yahoo executive vice president of platforms and infrastructure Ash Patel sees Thursday's OpenID announcement as a way for Yahoo users to leverage their existing account. "A Yahoo ID is one of the most recognizable and useful accounts to have on the Internet and with our support of OpenID, it will become even more powerful," said Patel in Thursday's statement. "Supporting OpenID gives our users the freedom to leverage their Yahoo ID both on and off the Yahoo network, reducing the number of usernames and passwords they need to remember and offering a single, trusted partner for managing their online identity," Patel added. Kveton too sees advantages to the sheer number of users Yahoo brings to his organization's program. "Yahoo's commitment to an open web is a significant validation of the OpenID movement and Yahoo's adoption of the standard today immediately triples the total number of people able to use OpenID," said Kveton in the joint statement. "With Yahoo actively engaged with the OpenID Foundation and its community to promote OpenID, Yahoo's users will be able to more easily access the many sites across the web that support the standard, and the potential for access to Yahoo!'s vast international user base will create an even more
powerful incentive for additional websites to begin accepting OpenID users," he added. Carrying Digital Identities Across Social Web At Plaxo, which has been working with Yahoo on the OpenID initiative, chief platform architect Joseph Smarr sees an easier sign-on process as a vision whose time has come. "Plaxo believes that users should be able to carry their identity and personal information with them wherever they go across the social web," said Smarr in Thursday's statement. "Yahoo is making that vision a reality by becoming an OpenID provider. Yahoo users will be able to easily access Plaxo and other services without having to create and remember yet another  password. This also paves the way for a secure approach to data portability between the various services people use across the web," added Smarr. Another partner Yahoo has worked with on the OpenID system is JanRain, and its founder and vice president of engineering Larry Drebes sees the support Yahoo is giving to OpenID as beneficial to an easier to use Web future. "At JanRain, we believe the evolution of the Internet and the next generation of web applications hinges on universal adoption of a secure, portable digital identity," said Drebes. "JanRain is a leader in OpenID libraries, tools and applications, and has worked closely with Yahoo to integrate its new OpenID offering into our services. The addition of 248 million Yahoo users to the OpenID ecosystem will be a tremendous milestone in expanding the user base for OpenID," Drebes added. WebmasterWorld Member Reaction Mixed Among members of the popular online discussion forums operated by WebmasterWorld, a community of mostly technically savvy webmasters and search engine marketing (SEM) professionals founded by chief executive Brett Tabke, reaction to Yahoo's decision to back OpenID was mixed. "I can see it now, people don't use hard passwords, then the hackers can get it all in one fell swoop," wrote a member using the handle "WiseWebDude". "That could be a disaster for many," the member added. Another WebmasterWorld member observes what they see as the all-too-common practice of using the same sign-on information at numerous Web sites, generally considered a security risk. "Most of the mainstream public use the same user ID and password across different Web sites now anyway," the member wrote, adding their hope that Yahoo's OpenID program will have "a strict password requirement" when implemented. Security Concerns Such security concerns are not restricted to members of WebmasterWorld. Ben Laurie, an independent security expert expressed his concerns regarding the OpenID program Yahoo has backed, in a recent article in The London Times. "The whole thing is fantastically dangerous until you can introduce cryptographic methods which ensure that the whole procedure is not phishable," said Laurie, referring to the process of tricking people into giving up personal information online using phony Web sites or emails. The OpenID program has no centralized repository managing identities, unlike similar programs such as Microsoft's Passport, which stores all sign-on information within a database the world's largest software maker maintains. The OpenID system allows users to choose which Web sites they want to trust with their sign-on information, however in the test version available at the end of January, Yahoo will implement only one of two types of universal sign-ons. While Yahoo OpenID account holders will be able to automatically sign-on to all of the existing Web sites supporting the standard, those  already holding an OpenID, or who sign up for one at a non-Yahoo Web site, will not be able to go in the reverse direction and use their OpenID to sign-on to Yahoo. Yahoo has hinted that it may eventually allow for such two-way openness. Yahoo Backs OpenID Single Sign-on System Yahoo's director of memberships Raj Mata sees the OpenID program as an incentive that may see more people taking part in online communities that require registration. "This is another step forward for the open web. It is a hassle for users to have to log in to different sites. Often you have to register an account with a site - which you won't remember - just to post a comment. We think this reduces the barrier to entry," Mata told the Times. Undoubtedly a significant victory for OpenID, Yahoo's support as the most visited Web site in the United States and the third most popular worldwide, may go a long way towards pushing forward a technology that was until recently considered by some a technophiles pipe dream. OpenID will now compete with the similar DataPortability system that has been adopted by Google and Facebook, and Microsoft's Windows Live ID and CardSpace technologies. Related Links:
|
12:37 am on Jan. 18, 2008 (utc 0)