

Yahoo Implements OpenID; Massive Win For The Project - terpua
http://www.techcrunch.com/2008/01/17/yahoo-implements-openid-massive-win-for-the-project/

======
mechanical_fish
Well, it could be that my skepticism about OpenID will ultimately prove
unfounded. It would hardly be my first mistake, nor will it be the last.

But then I read this:

 _"... he would not confirm when (or if) Yahoo would also allow become_ [sic.]
_what is called a "relying party" (allowing users with third party OpenIDs to
log in to Yahoo). He did say that the goal was to move in that direction, but
gave no further guidance."_

OpenID! Where all IDs are equal, but some IDs are more equal than others!

Yahoo is hardly alone. I can't find an OpenID login on AOL or Facebook,
either. Blogger (aka Google) supposedly "supports" OpenID, but their login
page doesn't let me use one.

These big "adopters" sure are happy to _provide_ OpenIDs, in exchange for
detailed information about which sites you log into and when. But they're
understandably reluctant to _accept_ OpenIDs, because what's in it for them
but a support headache, a loss of control over the customer relationship, and
more data for their competitors?

Remind me again why this isn't just the Mexican-standoff version of Microsoft
Passport, with a soundtrack by Ennio Morricone? I guess it's nice that I can
now _choose_ , site by site, which of my corporate overlords is going to own
all my login data. And we get to watch as Mike Arrington and Tim O'Reilly
force Google, Yahoo, AOL, Microsoft, and Facebook to play chicken, a spectacle
which will sell a few banner ads.

In other news, there are now 360 million OpenID holders, just as there were
once 360 million AOL CD owners. [1] Do OpenIDs make good coasters?

[1] _Note: one of these statistics was made up for entertainment purposes. Do
not cite on Wikipedia._

~~~
tlrobinson
I actually (partially) agree. I think that any company that wishes to be a
OpenID provider should also be a relying party. I wouldn't use Yahoo or any of
the other big guys as my provider anyway, though.

I don't think sites should be reluctant to accept OpenID. It's more convenient
for users to sign up, so if OpenID catches on (which obviously Yahoo thinks it
will), they would likely get more (and happier) users. I'm not sure why you
think support costs would be higher, since the OpenID provider is responsible
for managing the user's account (lost passwords, etc...)

OpenID is very different from Passport, namely since OpenID is _open_ , not
controlled by Microsoft. As I've said before, if you're so worried about
"corporate overlords" spying on you, there's a simple solution: be your own
Open ID provider. It's very easy if you've every set up a simple website
before.

------
pingswept
It seems that Yahoo is allowing users to use their Yahoo IDs as OpenIDs. This
will make some other sites want to use OpenID for authentication, because who
wants to manage credentials if you don't have to?

However, if I'm understanding it correctly, this will not allow people to use
OpenIDs that are not obtained from Yahoo to log in to Yahoo.

It seems to me to be solving half of the problem (needing new credentials for
every website) but not the other half (having a corporation be the repository
for those credentials).

If anyone with more of a clue can explain to me how this is not a base
perversion of one of the major ideas behind OpenID, I would be obliged. ("You
get to choose the OpenID Provider that best meets your needs and most
importantly that you trust," from openid.net/what/)

~~~
bct
> It seems to me to be solving half of the problem (needing new credentials
> for every website) but not the other half (having a corporation be the
> repository for those credentials).

Your second half has been solved for a long time, anyone can run their own OP
[http://www.intertwingly.net/blog/2007/01/03/OpenID-for-
non-S...](http://www.intertwingly.net/blog/2007/01/03/OpenID-for-non-
SuperUsers)

Your first half is the unsolved problem. There seems to be a lot of reluctance
to be an RP (possibly for the reasons mechanical_fish has stated)

------
tx
Yea... another half-assed attempt of delivering news from techcrunch.

