While there are boards with members with fancier titles, the OpenID Board is made up of people responsible for getting things done in their companies and among their peers.  This Board is still new; a mash up of companies, personalities and passions.  My job is to be an honest broker of ideas and build an environment so we can stay focused on a protocol specific agenda and add value in this rapidly evolving identity ecosystem.

Let's get in to some specifics: you mentioned that one of your top three priorities was to "build a foundation for growth" by making sure that the "Foundations’ finances and governance issues are solid". Can you elaborate on specific steps that you've taken so far and what kind of progress you've made?

First, we’ve outsourced all non-essential functions like accounting, administration, etc. to companies that do that for a living for other open standards groups. This gives member companies the accountability they require to contribute financially and the community the confidence they need to contribute expertise.  Second, we’ve put our money where our mouth is.  The budget invested scarce resources in only those plans that protect IP, promotes adoption and evolves OpenID. As Raj Mata, our treasurer said; “We will not have a “feed the beast” budget.” The Board agreed to fund only those things a Foundation like ours can and must do.

The investment in “plumbing” will result in easier “on ramps” for individual members and corporate sponsors.  Memberships will be processed faster, budgeting standardized. Better tools for committees and working groups are some of our success metrics.  I need to demonstrate the OIDF’s capacity to provide thought leadership and tangible participation benefits.  Chris Messina is leading a volunteer effort with Michael Olson (of JanRain) and “Content Wrangler Extraordinaire" Amanda Richardson to update our web workplace and community participation.

Now let's cover some specific areas of emphasis for OpenID. What can you tell us about the progress with improving OpenID's usability?

This is a key concern throughout the community. We have to do better.  We are planning a series of usability events in the fall.  These will focus on usability in government adoption as well as in new areas of adoption. We are planning open use case workshops with the National Institutes of Health, the National Library of Medicine and the National Cancer Institute to refine interoperability and look at usability through the eyes of scientists collaborating worldwide. Luke Shepard of Facebook and Alan Tom of Yahoo, our usability committee co-chairs, are looking at several options in the Bay Area to bring new energy and approaches to OpenID usability. Google has long standing and deep domain expertise in usability and our efforts can now include new players like Sears and Kmart.  I know the developers in “My-Sears” usability labs in Chicago are looking forward to meeting their peers in the Bay Area and throughout the community.

OpenID’s growth has been exponential, but its adoption has been asymmetrical. Usability is the key to a more balanced evolution. We need more relying parties involved in this adoption dynamic than we’ve seen to date. But as with security, I believe the more platforms are built where OpenID can be used, the more value gets created.  It will be fascinating to see how this “network effect” plays out.

What's new with OpenID, security and privacy?

With the growing mainstream interest in OpenID comes good and bad. We are open to misunderstanding from non-technical audiences and increased scrutiny by privacy advocates and interest groups. I think OpenID can benefit from the mainstream media’s excited embrace of social web tools and therefore be enriched by mainstream adoption.  I am a fan of Facebook’s Tim Sparapani, a former civil liberties attorney.  He is one of the most articulate voices in the community on privacy. In many ways, privacy has become a commodity. Travelers exchange it for safety; celebrities exchange it for well, celebrity, and we all exchange it for a few cents off at the checkout aisle in the Safeway. We know that the social web is, by definition, interactive, that it takes information about what I'm typing in order to send things to me.

Privacy is an issue. It is not a crisis. The industry has done the right thing by getting ahead of this curve and saying, we have to be able to be part of a coordinated effort to address the public and address people in Washington DC, especially those interested in “open government.” One of the principles the Board wants to embed is a self-regulatory, self-certifying system.  We're committing to collaborating with the entire identity ecosystem in order to educate the public continuously about both benefits and risk mitigation.

Security is another issue the Board has invested in. The government interest in OpenID forces a deep dive into these issues. I am reminded daily about OpenID’s security challenges. I welcome the worries.  It’s understandable given the denial of service attacks we’ve seen recently. My response is an invitation to join the effort to shape our standard. OpenID is a new protocol it is undergoing a rigorous real time shakedown.  Andrew Nash, a board member of both the OpenID and Information Card Foundations, put together a team at PayPal to help OpenID get traction in of our toughest challenges. That’s the kind of leadership that will help get traction on one of the Foundation’s highest priorities.

Lastly, what should we be looking forward to over the next three to four months?

Some call government adoption the “mother of all use cases.”  We been collaborating with ICF and other groups on a theme we call “Open Trust Frameworks for Open Government.” Our working hypothesis is the US Government’s pilot adoption of OpenID protocols is a “forcing function” and will yield benefits throughout the open identity community. As a forcing function, the government’s technical “profile” for OpenID and accompanying certification requirements (Trust Framework Adoption Program) are, in effect, use case constraints.  I believe the size, influence and market value of a government wide adoption offers timely, material and strategic benefits to member companies and the community at large.  OpenID OPs who want to participate in adoption of OpenID “are forced" ( no one forces Google to do anything…) to complete a set of tasks based on the GSA’s limited, paired down set of technology features, certification requirements and privacy controls.

The OpenID Foundation and other identity protocol organizations have invested significant resources in this public/private collaboration. These industry leading groups have clear expectations of significant positive returns in several areas. Vivek Kundra, US CIO told the OIDF that the government intends to leverage the large and growing OpenID installed base and corporate sponsorship to further its open government goals.  So the OIDF believes this forcing function will further its mission by accelerating adoption and improving and streamlining how government agencies, contractors and citizens use OpenID.

But only time will tell, this public/private industry initiative will be successful if the current collaboration expands to meet the increased challenges of the next phase: a public-facing launch of our open trust framework and pilot programs at the NIH and other agencies.