Today the OpenID Foundation announced that five leading technology companies, Google, IBM, Microsoft, VeriSign, and Yahoo! have joined the OpenID board of directors as its first corporate board members. This news comes a year and a day after the JanRain/Sxip Identity/Microsoft/VeriSign OpenID/CardSpace collaboration announcement introduced by Bill Gates and Craig Mundie at the RSA Security Conference.
How are these events related, you might ask? As I see it, they’re both great examples of the industry working together to solve the digital identity problems that all Internet users presently face — in these cases, both in the context of OpenID.
A lot’s happened over that year-and-a-day that’s worth celebrating:
- The OpenID Foundation was formed in June “to help promote, protect and enable the OpenID technologies and community“.
- The OpenID Phishing-Resistant Authentication Specification was developed and published in June.
- VeriSign and Ping Identity both enabled phishing-resistant login to their OpenID providers using Information Cards in July, soon followed by JanRain and LinkSafe.
- The OpenID 2.0 Specifications were declared complete in December and were accompanied by intellectual property contribution agreements from all of the inventors.
- The OpenID Foundation’s intellectual property policy and procedures, which had been under development from March through December through a collaborative effort between many companies and individuals, were completed, enabling all to be able to participate in developing and using OpenID specifications.
- And of course, OpenID adoption and usage continued to increase.
From a personal perspective, I’ve enjoyed working with colleagues from numerous companies (including from my own!) to help get us to today’s announcement, as well as working to bring safer, easier-to-user login and account creation to OpenIDs via Information Cards. Thus, I’m both pleased and honored to now be representing Microsoft on the OpenID Foundation board of directors.
Of course, today’s announcement is really only the end of the beginning. The real fun and value is still ahead of us, in the work we’ll do together. The draft PAPE specification needs to be completed. We need to drive relying party adoption of phishing-resistant authentication. And talk of an OpenID 3.0 that’s both easier and safer to use is already percolating on the mailing lists.
The Internet is still missing a much-needed ubiquitous identity layer. The good news is that the broad industry collaboration that has emerged around OpenID is a key enabler for building it together!