Boris Mann

Open Source. Community. Decentralized Web. Building dev tools at Fission. Cooks & eats.


OpenID bounties and identity convergence

Scott Kveton announced the OpenID Code Bounty at OSCON today:

Integrate OpenID into your open source project and we’ll give $5,000 to your project.

We’ve seen OpenID really start to gain some momentum over the past couple of months and this Bounty program is really the exclamation point on that. There is a great list of sponsors for the program that includes people, organizations and businesses focused on building a simple, light-weight and decentralized user-centric identity platform around OpenID. Working with all of these people over the last couple of weeks has proven to me that convergence is really happening around OpenID.

I wasn't really a fan of the "original" OpenID spec. That is, it worked great, but only solved single sign-on. Then the Simple Registration Protocol, or SRP, got kludged in. This supports only 9 -- and exactly 9 -- attributes, and is not extensible. So, colour me firmly in the SXIP camp at this point.

Now, SXIP is helping to fund the OpenID bounties, and OpenID is further evolving. There is a 5th draft of OpenID 2.0, which still has profile information as separate, and Scott Kveton was earlier talking about OpenID v3 and convergence.

So...lots of pieces still coming together. The bounty announcement is, on the one hand, a good idea (something that SXIP should have done years ago...except for the fact that the spec keeps changing); on the other hand...we want to make sure that the best solution is implemented. Perhaps OpenID as the lowest common denominator for basic single sign on interoperability is a good start.

Is Bryght going to join the consortium to help fund bounties? Well, we don't have that kind of cash -- we are self-funded after all. We will work on making sure that OpenID works well with Drupal and Jabber.