[OpenID] OpenID Biz Case, etc

Paul Madsen paulmadsen at rogers.com
Wed Apr 1 10:21:16 UTC 2009 

A nit, OpenID does not 'support'

o   Sign-in via client side SSL Certificates
o   Image based passwords and recovery
o   2-factor authentication such as password+text message

but rather is orthogonal (mostly) to the actual authentication mechanism.

paul

Jonathan Coffman wrote:
> Hey there all, If you have a moment to breeze through the following I 
> would really appreciate it.
>
> Here's the situation: we're a major media company who is scrapping all 
> prior user authentication systems and building from the ground-up. I'm 
> working to make the case that OpenID absolutely has to be a key 
> component of this new system. Am I missing key points or 
> mis-characterizing the things I've learned? (I've read through many 
> blog posts, watched all kinds of presentations on slideshare, etc to 
> compile the below)
>
> -- btw: I do plan to post this to my blog once it's a little more 
> fleshed out.
>
> ==========
> OpenID Business Case
>  
> Summary: OpenID is an emerging web standard upon which users are able 
> to use existing accounts from major providers, like Google and Yahoo, 
> in order to sign in to other sites. In support of TKTKT commitment to 
> open standards and given that OpenID is quickly becoming a market 
> requirement the TKT Universal Authentication System will take 
> advantage of the technology.
>  
> Key Reasons to use OpenID:
>  
> ·      OpenID is a system for decentralized single sign-on; it solves 
> the technology problem of duplicate usernames and the user problem of 
> having to manage multiple usernames and passwords securely.
>
> ·      Users control and manage their own identity, which aligns with 
> the TKTKTK mission of empowering users to participate as well as our 
> dedication to open standards and technology.
>
> ·      Simple Registration system in OpenID can help users fill out 
> their registration form with things like their name, email address, 
> location, etc without us having to force them to fill out those fields.
>
> ·      The OpenID provider's business is authentication; they can 
> invest much more effort than we can in securing user's data and 
> information than we can.
>
> ·      Increase in number of sign-ups due to fewer form fields to fill 
> out during registration, and ease of user interface.
> ·      Persistent log-ins, each time the user opens the site they 
> don't have to sign-in again.
> ·      Fewer support resources necessary as users rely on their 
> identity provider of choice.
> ·      Being an open standard, hundreds of people are working to 
> enhance the technology and TKT has an opportunity to not only 
> participate, but also give back.
> ·      Marketing and promotional opportunities around TKT adoption of 
> the OpenStack would be seen as an extremely positive move in the 
> technology community and return positive buzz.
>  
> User Adoption: There are over 500 million OpenID enabled users 
> originating from the following sites and thousands more:
>  
> ·      AOL
>
> ·      Yahoo
>
> ·      Blogger
>
> ·      Flickr
>
> ·      Livedoor
>
> ·      LiveJournal
>
> ·      Wordpress.com
>
> ·      SmugMug
>
> ·      Technorati
>
> ·      Orange
>
> ·      Vox
>
> ·      ClaimID
>
> ·      MyOpenID
>
> ·      MyID.net
>
> ·      Myvidoop
>
> ·      Verisign
>
>  
> Market Support:
>  
> ·      Google, IBM, Microsoft, VeriSign, Yahoo, PayPal, Verisign, and 
> Facebook all have representatives on the OpenID board.
> ·      Those companies and many more are heavily invested in seeing 
> this standard adopted, and competing technologies have folded into the 
> OpenStack and are concentrating on their own individual niches as 
> enhancements rather than replacements of OpenID (oAuth, 
> ActivityStreams, PortableContacts, MicroFormats).
> ·      Users expect for their data to be portable between sites, a 
> social network or site with social functionality that does not allow 
> the user to take their information with them across the web is going 
> against the marketplace.
> ·      Over 35,000 sites currently accept OpenIDs (with sites like 
> Blogger and WordPress being counted as single sites despite having 
> millions of blogs).
> ·      Whitelabel social networking products have already enabled all 
> of their customers to begin accepting OpenID, including Ning and 
> KickApps, and pbWiki.
>  
> TKT Technology Platforms Support - The following software in-use on 
> TKTKTKT and TKTKT web sites support OpenID already:
>  
> ·      MovableType (out of the box)
> ·      WordPress (well-tested module)
> ·      Drupal (out of the box)
> ·      Joomla (out of the box)
> ·      Plone (out of the box)
> ·      Atlassian (JIRA) (out of the box)
> ·      Basecamp/Backpack/HighRise (out of the box)
> ·      MediaWiki (extension)
>  
> At the end of the list I included some of the products we use 
> internally as well because let's not forget the efficiencies created 
> in utilizing a web standard for our own internal usage as well.
>  
> Security Benefits:
>  
> ·      TKTK doesn't have security efforts, nor should we be in the 
> business of managing user's online identities, especially given the 
> amount of data and information that is collected by systems.
> ·      OpenID supports alternative methods of authentication beyond 
> anything that we would actually need such as:
> o   Sign-in via client side SSL Certificates
> o   Image based passwords and recovery
> o   2-factor authentication such as password+text message
>
> ------------------------------------------------------------------------
>
> _______________________________________________
> general mailing list
> general at openid.net
> http://openid.net/mailman/listinfo/general
>   
> ------------------------------------------------------------------------
>
>
> No virus found in this incoming message.
> Checked by AVG - www.avg.com 
> Version: 8.5.285 / Virus Database: 270.11.35/2033 - Release Date: 03/31/09 13:05:00
>
>   

-- 
Paul Madsen
e:paulmadsen @ ntt-at.com
m:613-282-8647
web:connectid.blogspot.com
ConnectID <http://feeds.feedburner.com/%7Er/blogspot/gMwy/%7E6/1>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-general/attachments/20090401/6545d16a/attachment-0002.htm>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: gMwy.1.gif
Type: image/gif
Size: 22200 bytes
Desc: not available
URL: <http://lists.openid.net/pipermail/openid-general/attachments/20090401/6545d16a/attachment-0002.gif>

More information about the general mailing list