

Google Sneaks up on Identity Management - dawie
http://webworkerdaily.com/2007/12/16/google-sneaks-up-on-identity-management/
http://www.google.com/help/profile/
======
tlrobinson
_"On the other hand, it's also possible that they could shop the combination
around to other sites as their own answer to Passport and OpenID - a universal
web identity backed by a trusted brand."_

[Sigh]

A universal web identity should _not_ be "backed" by any particular brand.
That's precisely the strength of OpenID (and _not_ MS Passport). You're free
to use any OpenID provider which _you trust_ (including _yourself_ ), but you
aren't _required_ to use anyone in particular, like this guy suggests Google
could/should do.

For example, I recently set up my personal website URL to be my OpenID (very
easy: two additional <link> tags), which currently delegates to an account I
registered with the myopenid.com provider, but I could easily change it at any
time to another provider if I found another better provider that I trusted
more (or even myself using something like
<http://siege.org/projects/phpMyID/>)

Now, if Google wanted to be an OpenID provider (like AOL, LiveJournal,
Technorati, WordPress, and others have done) I would be all for that. What we
_don't_ need is some proprietary system.

I suggest anyone developing a web app look into supporting OpenID
authentication. It's not too much additional work, and it would make the web a
better place if it were widely deployed. Plaxo has detailed instructions on
converting existing web apps to support OpenID:
<http://www.plaxo.com/api/openid_recipe>

And for the rest of you, you should set up an OpenID and start using it
wherever possible. Sam Ruby has good instructions on using your URL as an
OpenID [http://www.intertwingly.net/blog/2007/01/03/OpenID-for-
non-S...](http://www.intertwingly.net/blog/2007/01/03/OpenID-for-non-
SuperUsers) or OpenID.net has information on getting an OpenID from any number
of providers: <http://openid.net/get/>

