Simon Willison - Treehouse Blog

Simon Willison - Treehouse Blog Learn to code. Start your free trial with Treehouse. Home Subscribe Free trial Community Simon Willison Gillian Carson writes on March 22, 2007 Share with your friends Your Name Your Email Recipient Email Enter a Message I read this article and found it very interesting, thought it might be something for you. The article is called Simon Willison and is located at http://blog.teamtreehouse.com/simon-willison. Captcha Submit This interview was recorded at the Future of Web Apps conference in London, February 2007. Watch the video! Simon Willison talks to journalist Bobbie Johnson for Vitamin Read the transcript! VITAMIN: Can you just run through exactly what OpenID is? Simon Willison: OpenID is a decentralised system for single sign-on. So it lets you have one user account that you can use to log into lots of different sites. The thing that makes OpenID special compared to, say, Passport or Typekey or other things that have gone before, is that with OpenID you get to decide where your identity is hosted. You can host it with SixApart, or you can host it with AOL or you can host it yourself. The standard, the technology keeps on working no matter where youve put it, so you can even switch providers and say actually I used to be hosted with Six Apart and now I want to host it on my own – you can do that and your login keeps working. VITAMIN: So what is the fundamental problem that it solves? SW: Everyone has too many user accounts. Ive got dozens and dozens of user accounts of sites that I use – some I use on a daily basis, some on a monthly basis. Managing all of those usernames and passwords is just incredibly difficult. Everyone knows that you should use a different password for every service, because otherwise one service gets cracked and you lose everything but of course nobody does that, because managing two or three passwords is enough work for most people. VITAMIN: So I create an OpenID and associate it with other identities I have around the place, and the sign-on procedure becomes basically non-existent? SW: Exactly. In fact, if you’ve got an AOL messenger account already then you have an OpenID it will be openid.aol.com/ and then your screenname. But the idea is that you find applications that support OpenID (this is currently quite a small list but its growing all the time), and you can then sign into those with your OpenID, potentially merge that with an existing user account or create a brand new user account and just continue using the application without any further hassle. VITAMIN: Support is growing quickly. How is the take-up growing? SW: The problem OpenID has is that there are two sides to OpenID there are OpenID servers, the places that will give you an OpenID, and there are consumers, the sites you can actually log in to. And of course everyone wants to be a provider, because it feels great to have lots of user accounts and loads of people have big user account databases that they can open up. But people are much more cautious about being a consumer because its a lot less well understood what that actually implies. So its all about the benefits of being a consumer and the sorts of things you can start to do once you let people log in to your site with an OpenID. VITAMIN: Can you give us some examples? SW: The obvious one is that you get linked to from digg or Techcrunch and people click through to your brand new Web 2.0 service; then it asks them to create an account and half of them just walk off because they dont want to create another throwaway account just to try out your service. If you support OpenID you can instantly get a much larger signup rate because youve got a whole bunch of early adopters especially if digg is supporting OpenID, anyone who comes from digg has got an OpenID there already so you get lots more people trying out your service. So thats the really simple case, but looking further ahead whats really exciting is the stuff you can do to innovate around OpenID. So you might find that if you let people log into your service with OpenID and theyre logged into other services as well youve got a bridge between those two services. You can say well, youre logged into this bookmark service but because you used your OpenID for your photo service as well we can start combining your photographs and your links, we can start doing clever things like that. VITAMIN: Would people be able to bring their different social networking identities together as well? SW: OpenID actually does very little, it just solves the authentication problem. But its designed as a small component of a larger ecosystem, so you could build friend import and friend export on top of OpenID. You log into a site with your LiveJournal ID and the site then goes to LiveJournal and says hey, who does this person have down as their friends?. And if those people are present in that sites system then it can set up friend relationships there. So theres potential for people to start buil