I just got my domain renewed. In celebration of this anniversary, I decided to learn more about OpenID and set up my own identity server. With my new identity server is my new self-managed identity. Cool, eh?
What is OpenID?
OpenID eliminates the need for multiple usernames across different websites, simplifying your online experience.
In other words, an OpenID is a universal identifier that can be used at numerous websites. The universality of OpenID is derived from the manifestation of OpenID’s as URL’s. Each user owns a URL, so to speak, and trusts an OpenID provider to assert the ownership and provide details about the user. An OpenID consumer, or an application seeking user identification, relies on providers to identify their users. OpenID is decentralized: there are many providers so users are not locked into any particular vendor. If all this is confusing to you, just head over to the official OpenID website and have a look.
Ease of Use
OpenID allows us to consolidate our numerous online identities to just one universal identity that is accepted everywhere OpenID is accepted. We only need to remember one identity. It also simplifies application design, as the work of authenticating users could be off-loaded to a standard OpenID client.
Security
OpenID is as secure or as insecure as the user wants it to be — it all depends on the provider of choice and usage pattern. Some providers use client-side SSL authentication and some do not authenticate at all. While consolidating identities may not sound very secure, keep in mind that it is possible for the security-minded to keep multiple OpenID’s.
Privacy
It is important that the user trusts the provider. The provider not only authenticates the user, but it also manages the user’s credentials. The provider also knows where the user is signing into. It is absolutely trivial to set up a personal OpenID provider, though, so there is no privacy issue. As long as one has a website, one could set up a personal provider. But most people choose to trust existing providers since it is expedient.
Ubiquity
OpenID aims to be universal, but is still being adopted. Since it is being provided and accepted by numerous large corporations, chances are good that we’ll see it become more and more popular. If you want to hop on the OpenID bandwagon, you could get one at any of the existing providers, or even here!