Posted at 10:51 am on September 25, 2009 by Allen Tom
Google, Yahoo!, and MySpace have launched support for the OpenID OAuth Hybrid Protocol, which combines OpenID authentication (sign in) with OAuth authorization (access control) into a single interface. Websites that accept OpenID can now let the hundreds of millions of users who already have either a MySpace, Google, or Yahoo! account sign in and enable two-way data sharing of their profile, contacts, and activities, without having to register a new site-specific account or to share their password.
Plaxo is one of the earliest adopters of OpenID, allowing their users to sign into Plaxo using an OpenID enabled account with just a couple mouse clicks. Instead of requiring first-time Plaxo users to manually verify their email address by sending a verification email, Plaxo uses OpenID Attribute Exchange to verify Yahoo! and GMail email addresses without forcing users to wait at their mailbox for the verification email to arrive. Building on their successful experience with OpenID, Plaxo is experimenting with the Hybrid Protocol: A portion of new users who sign up for Plaxo using either a GMail or Yahoo account can now sign into Plaxo with their OpenID and authorize two-way data sharing of their Contacts and Activities via the Hybrid Protocol. You can read more about how this works on the Plaxo blog.
“OpenID+OAuth hybrid onboarding is the state-of-the-art for connecting users and sites across the emerging Social Web,” says Joseph Smarr, CTO of Plaxo and Board Member of the OpenID Foundation. “Google, Yahoo!, and MySpace all have massive userbases and expertise in consumer-friendly design, along with a rich set of APIs. So this is a major milestone in making the Social Web more open and interoperable.”
Another trailblazer in the OpenID space is JanRain, whose RPX service powers the l
ogin and registration flows for their customers, including Qype and MySears. Using the OpenID protocol, users can sign into RPX-enabled websites with an account that they already have. Now that RPX supports the Hybrid Protocol, sites integrating with RPX can now let users sign in with one of their existing accounts and share their Profile. In addition, these sites can also receive massive referral traffic by syndicating their user activities back to their OpenID Provider to be viewed by their friends and contacts at Yahoo!, Google, or MySpace.
Not only are we making OpenID more powerful, we’ve been taking steps to make OpenID easier and less confusing to use. The traditional OpenID “redirect” user experience has been criticized for taking a user away from the site during the login process. The OpenID User Interface Working Group has been chartered to make OpenID more user friendly, and we’re glad to announce that Yahoo!, Google, and MySpace now support the Popup UI as defined in the OpenID User Interface Extension. Sites that want to preserve their context and keep the user on their site can open a small popup window to complete the OpenID authentication flow. In order to help prevent phishing, the User Interface extension requires that the popup be displayed in an independent browser window with the address bar clearly displayed.
OpenID gives users control over their data and makes it possible for sites to build a single interface that can reach virtually all potential users. Because OpenID is an interoperable open standard, sites that accept OpenID can reuse the same interface and code to accept identities from a wide variety of OpenID Providers, including Google, AOL, MySpace, and Yahoo!. This makes it possible for virtually anyone to sign in to a site using an account that they already have.
It’s been an exciting month for OpenID, with recent news about our involvement in the Open Government Initiative, and now with support for Hybrid and the Popup UI. Stay tuned for more exciting news as we continue to improve OpenID!
P.S. If you’d like to meet the folks working on OpenID, OAuth, and the Open Stack, please join us at the Internet Identity Workshop in Mountain View, CA this November.
Allen Tom
Architect, Yahoo! Membership
OIDF Community Board Member
Tags: oauth, user experience
This entry was posted
on Friday, September 25th, 2009 at 10:51 am and is filed under News.
You can follow any responses to this entry through the RSS 2.0 feed.
You can leave a response, or trackback from your own site.
Posted at 4:11 am on September 9, 2009 by Chris Messina
Chris Messina is a community board member of the OpenID Foundation, long time advocate for citizens of the web, and prolific blogger on all things “open”.
Today in collaboration with Vivek Kundra, the nation’s first CIO, we are announcing a pilot program intended to enable individual citizens to login to government websites with their existing accounts — without revealing their password or personally identifying information — using OpenID and InfoCard technologies.
This is an important step in the Obama administration’s commitment to open, transparent, and participatory government.
First, it acknowledges and embraces existing, open technologies, rather than inventing their own (or worse, hiring independent contractors to do the same).
Second, this comes at a critical time in the history of OpenID, of which there are now well over 500 million OpenID-capable accounts in the wild, (even if few people realize that they already have one!). Given the wide deployment of this technology, it only makes sense that the government should leverage this wide potential userbase to facilitate interaction with its citizens.
Third, it is critical for the government and government agencies to develop solutions and adopt technologies that make it easier for modern citizens to engage with them, to exist competently alongside other social networking websites.
In other words, by embracing OpenID (and InfoCard), the government is helping to further establish the value of owning one’s own identity, and of having convenient, consistent, and privacy-protecting mechanisms in place to enhance and enable participation.
To make this more real, consider booking a campground on a state park’s website: do you really want to create yet another account (that you’ll probably never use again) just to reserve a campsite? Probably not.
To make this more personal: imagine searching the National Institute of Health’s website for information for a loved one who was recently diagnosed with cancer. You’d want the technology to get out of the way and serve your goals — who’d want to register for a new account when you just want to save your search progress (say, from a library kiosk) and resume it later (i.e. from home)?
It’s cases like this that begin to tease at the value of using existing accounts for low-security government interactions (at least to start). Like email, I expect to see this start with a slow, gradual adoption, and overtime, gain momentum and relevance.
To find out more about this pilot program, read the full press release and visit our OpenID for Government page.
This entry was posted
on Wednesday, September 9th, 2009 at 4:11 am and is filed under government, News.
You can follow any responses to this entry through the RSS 2.0 feed.
You can leave a response, or trackback from your own site.
Posted at 4:10 am on by Don Thibeau
Gov 2.0 Conference - Washington, D.C. — September 9, 2009 — Ten industry leaders — Yahoo!, PayPal, Google, Equifax, AOL, VeriSign, Acxiom, Citi, Privo and Wave Systems — announced today they will support the first pilot programs designed for the American public to engage in open government — government that is transparent, participatory, and collaborative. This open identity initiative is a key step in President Obama’s memorandum to make it easy for individuals to register and participate in government websites — without having to create new usernames and passwords. Additionally, members of the public will be able to fully control how much or how little personal information they share with the government at all times.
These companies will act as digital identity providers using OpenID and Information Card technologies. The pilot programs are being conducted by the Center for Information Technology (CIT), National Institutes of Health (NIH), U.S. Department of Health and Human Services (HHS), and related agencies. The participating companies are being certified under non-discriminatory open trust frameworks developed under collaboration between the OpenID Foundation (OIDF) and the Information Card Foundation (ICF) and reviewed by the federal government.
“We are pleased with the caliber of organizations who have signed on to be active participants in this initiative,” said Judy Spencer, Co-Chair of the Federal Identity, Credential, and Access Management Steering Committee (ICAM). “They represent some of the best thinking and innovation in the private sector. We also value the ongoing support and guidance of the OpenID Foundation and the Information Card Foundation in facilitating digital identity for open government.”
Since President Obama’s open government memorandum earlier this year, federal agencies have been embracing Web 2.0 technologies to interact with members of the public via means such as blogs, surveys, social networks, and video casts. Today’s announcement paves the way for individuals to use these new services and customize their experience on government websites without needing to reveal any personally identifiable information – including passwords. It also takes advantage of best practices from the private sector for protecting privacy and security, including making it easier for citizens to have pseudonymous interactions with government sites when desired
In essence, this initiative will help transform government websites from basic “brochureware” into interactive resources, saving individuals time and increasing their direct involvement in governmental decision making. OpenID and Information Card technologies make such interactive access simple and safe. For example, in the coming months the NIH intends to use OpenID and Information Cards to support a number of services including customized library searches, access to training resources, registration for conferences, and use of medical research wikis, all with strong privacy protections.
Dr. Jack Jones, NIH CIO and Acting Director, CIT, notes, “As a world leader in science and research, NIH is pleased to participate in this next step for promoting collaboration among Assurance Level 1 applications. Initially, the NIH Single Sign-on service will accept credentials as part of an “Open For Testing” phase, with full production expected within the next several weeks. At that time, OpenID credentials will join those currently in use from InCommon, the higher education identity management federation, as external credentials trusted by NIH.”
In digital identity systems, certification programs that enable a site — such as a government agency — to trust the identity, security, and privacy assurances from an identity provider are called trust frameworks. The OIDF and ICF have worked closely with the federal government to meet the security, privacy, and reliability requirements set forth by the ICAM Trust Framework Adoption Process (TFAP), published on the IDManagement.gov website. By adopting OpenID and Information Card technologies, government agencies can cost effectively serve their constituencies in a more personalized and user friendly way.
“It’s good to see government taking a leadership role in moving identity technology forward. It’s also good to see government working with experts from private sector and especially with the Information Card Foundation and the OpenID Foundation because identity is not a technical phenomenon — it’s a social phenomenon. And technological support for identity requires the participation of a broad community and of representatives of government who define the legal framework within which identity will operate,” said Bob Blakley, Vice President and Research Director, Identity and Privacy Strategies, Burton Group. “Today’s announcement supplies the most important missing ingredient of the open identity infrastructure, mainly the trust framework. Without a trust framework it’s impossible to know whether a received identity is reliable.”
Under the OIDF and ICF’s open trust frameworks, any organization that meets the technical and operational requirements of the framework will be able to apply for certification as an identity provider (IdP). These IdPs can then supply authentication credentials on behalf of their users. For some activities these credentials will enable the user to be completely anonymous; for others they may require personal information such as name, email address, age, gender, and so on. Open trust frameworks enable citizens to choose the identity technology, identity provider, and credential with which they are most comfortable, while enabling government websites to accept and trust these credentials. This approach leads to better innovation and lower costs for both government and citizens.
“Open government cannot and will not compromise either security or privacy,” said Drummond Reed, Executive Director of the Information Card Foundation. “By working with private industry, the U.S. government is harnessing the innovation and efficiencies of the open market and letting citizens choose their preferred means of engaging with government agencies.”
“This is a significant leap in participatory democracy,” said Don Thibeau, executive director of the OpenID Foundation. “Following President Obama’s directive, our government has worked with market leading companies to leverage modern, open standards to engage with its citizens. When the government adopts open identity standards and trust frameworks, the result is better service, more transparency, and greater accountability.”
· · ·
Industry Leaders Weigh in on the Open Identity for Open Government Initiative
“The joint work between the US Government, OpenID Foundation, and Information Card Foundation to enable the use of commercial identities on government web sites is groundbreaking,” said Kim Cameron, Microsoft’s Chief Identity Architect. “These pilot projects will provide invaluable insights about how these systems are actually used in practice, enabling people to build upon this seminal work both for government and private sector sites, further extending the reach of interoperable Internet identity.”
“Information Cards and OpenID technologies have the potential to improve consumer experiences online tremendously,” said Michael Barrett, Chief Information Security Officer for PayPal. “As an identity provider, we believe that this technology has enormous potential to improve the safety of Internet commerce.”
“The ability to enable individualized interaction through tools and technologies that citizens use every day represents a tremendous opportunity for federal agencies with citizen-facing missions,” said Lloyd Howell, Sr. Vice President of Booz Allen Hamilton. “Because this Trust Framework can be applied with a common experience across all federal websites, every agency can take advantage of this approach to improve operational effectiveness and reduce costs.”
“Equifax brings unmatched expertise in identity management and verification to the open trust framework initiative,” said Ron Carpinella, vice president of Identity Management, Equifax. “The opportunity to deliver our proven technology and its privacy features to the government sector is truly exciting. This pilot program is the catalyst that will enable better, more secure, and user-centric capabilities in government and industry digital services.”
“Open standards like OpenID create a better Internet for everyone. As the largest single provider of OpenID accounts, Yahoo! is eager to pave the way for further OpenID adoption. That is why Yahoo! has led the effort to make OpenID easy to use and understand for consumers around the world. And by meeting the government’s standards for security and reliability, we believe OpenID will continue to be the most convenient and trustworthy open identity standard on the Web.” said Allen Tom, Membership Architect, Yahoo!.
“VeriSign is excited to be a part of the U.S. Government’s initiative to further President Obama’s call for a more open and participatory government,” said Nicolas Popp, vice president of Innovation at VeriSign. “Based on our experience with bringing trust to the Internet, we look forward to playing a role in the development of an identity trust framework that will enable citizens to communicate with the government openly with confidence.”
“AOL has always focused on helping consumers get safe and easy access to the content and services they want online. That’s why we’re proud to be part of the government’s pilot program to allow citizens to access government websites using identities they already own. As an early supporter of OpenID, we recognize the tremendous value this service can offer consumers and applaud the government for its vision,” says George Fletcher, Chief Architect for Identity Services at AOL.
“As a champion of consumer privacy and a long-time provider of identity management, we at Acxiom are privileged to provide identity technologies to this effort,” said Tim Christin, senior vice president of Acxiom’s Identity Solutions group. “U.S. citizens can now be assured an easier and safer Internet experience with the government. ”
“It’s exciting to see the United States government embracing innovative web-based technologies to serve its citizens in a more convenient, secure, and personalized way,” said Brian Kissel, CEO of JanRain and Chairman of the OpenID Foundation. “This further validates the broad range of applications and market segments where OpenID is having a positive impact on users’ web experiences.”
“The open identity initiative illustrates how identity technologies have moved beyond theory to solve real-world challenges and highlights the potential for opportunities in the private, as well as the public sector,” noted Jeff Carter, CEO of Azigo. “Hosted Information Cards let web sites issue Information Cards quickly and easily — a key step forward for the future of digital identities.”
“Open Government represents a significant step forward in modernizing our nation’s democratic system.” said Patrick Harding, CTO of Ping Identity and ICF board member. “We are thrilled to be involved in establishing the Internet identity security and privacy standards necessary to ensuring the long term success of using 2.0 innovations to improve governmental transparency and encourage citizen involvement.”
“Citi is a huge proponent of driving alignment within the public sector to collaborate in the development of accepted standards that promote interoperability for common processes.” says Hilary L. Ward, Director, Identity Business Manger, Citi. “We are excited to be a part of this initiative and being able to bring our innovation and expertise to this program. This is a tremendous first step in creating a broader identity and trust framework that can work across applications, communities and borders to the benefit of citizens everywhere.”
“Privo is pleased to be an identity provider under the open trust frameworks to support access by any citizen who desires to interact with participating government sites, while still protecting their identity,” said Denise Tayloe, Founder, President and Chief Executive Officer of Privo. “We see tremendous parallels between the work we do with children and parents to verify and protect their identities using our existing, and available, Identity Card technology and the work the government is doing to interact with its citizens in a safe online environment.”
“Opening the U.S. government to direct citizen involvement using OpenID and Information Card identities is a major step for the trust fabric of the Internet”, said Steven Sprague, President and CEO, Wave Systems Corp. “Wave is innovating ways for both these technologies to take advantage of trusted computing infrastructure so OpenID and Information Card users can enjoy unparalleled access and interaction with government websites with maximum security and privacy.”
“Interoperable and trusted identities are foundations to building a smarter planet that includes the systems that run, the way we live and work as a society. In order to build such a smarter planet, it is important for governments, communities and industries to work together in building a smarter planet.” said Nataraj Nagaratnam, IBM’s Chief Identity Architect. “This initiative around pilot projects that bring these three groups together is a significant milestone in the journey of identity metasystem, and in the evolution of open, interoperable identities”
“The US Government taking real steps to adopt open technologies has the potential to enhance and simplify citizen engagement,” said Chris Messina, an advocate of open technologies and CEO of Citizen Agency, LLC. “This effort sets in motion a shift in how individuals can interact with the public sector and makes progress on the Obama administration’s promise for a more open, transparent, and participatory government.”
“Information Card technology and OpenID specifications have co-evolved at the Internet Identity Workshop since 2005. The launch of this open trust framework is an exciting major development in the evolution of an open identity layer for the Web,” said Kaliya Hamlin of Identitywoman.net and co-producer and facilitator of the Internet Identity Workshop.
“The synchronicity between the U.S. and Japanese government is quite interesting,” said Nat Sakimura, Senior Researcher at Nomura Research Institute, Ltd. “The Japanese government is going forward with DigitalCivil Life Project that also embraces open identity systems and trust frameworks. We believe they are showing the changing tide towards more open and citizen centric government throughout the world. Today’s announcement by the U.S. government is an important step towards it.”
Media Contact:
Liz O’Donnell
617-365-7172
Liz3point0@aol.com
Tags: gov 2.0, gov20s, open identity
This entry was posted
on Wednesday, September 9th, 2009 at 4:10 am and is filed under government, Press Releases.
You can follow any responses to this entry through the RSS 2.0 feed.
You can leave a response, or trackback from your own site.
“OpenID+OAuth hybrid onboarding is the state-of-the-art for connecting users and sites across the emerging Social Web,” says Joseph Smarr, CTO of Plaxo and Board Member of the OpenID Foundation. “Google, Yahoo!, and MySpace all have massive userbases and expertise in consumer-friendly design, along with a rich set of APIs. So this is a major milestone in making the Social Web more open and interoperable.”
Not only are we making OpenID more powerful, we’ve been taking steps to make OpenID easier and less confusing to use. The traditional OpenID “redirect” user experience has been criticized for taking a user away from the site during the login process. The OpenID User Interface Working Group has been chartered to make OpenID more user friendly, and we’re glad to announce that Yahoo!, Google, and MySpace now support the Popup UI as defined in the OpenID User Interface Extension. Sites that want to preserve their context and keep the user on their site can open a small popup window to complete the OpenID authentication flow. In order to help prevent phishing, the User Interface extension requires that the popup be displayed in an independent browser window with the address bar clearly displayed.
OpenID gives users control over their data and makes it possible for sites to build a single interface that can reach virtually all potential users. Because OpenID is an interoperable open standard, sites that accept OpenID can reuse the same interface and code to accept identities from a wide variety of OpenID Providers, including Google, AOL, MySpace, and Yahoo!. This makes it possible for virtually anyone to sign in to a site using an account that they already have.