18:42 PM

OpenID -- What is it Good for?

A strange thing often happens when I write. I sit down thinking about the structure of a news story or a news analysis and I often come up with different ideas and thoughts. I often find that I "think" through my fingers as I type.

This evening my fingers have been writing about OpenID and VeriSign:

- Could there be a Potential Privacy Issue with VeriSign's OpenID and its Internet Directory Name Services?

Could some uses of OpenID create a large privacy issue? | Tom Foremski: IMHO | ZDNet.com

As I've written these pieces I've started to question some of the basic ideas and concepts that surround OpenID and DNS.

It increasingly seems to me that OpenIDs benefit social network companies that don't have many users. While OpenID users could become vulnerable to the risk of easy tracking or monitoring: of not only their identity, but also the identity of their friends, family, work colleagues, contacts --and much of their online communication.

That's a much bigger exposure than revealing an individual's identity on the Internet.

Right now, the major social networks keep their user's social network information--and their user's identities--under lock and key. Ross Mayfield from SocialText likes to call their API strategy "AJAR" only slightly open--and for good reasons.

It seems to me that the widespread use of OpenID potentially exposes an individual's entire social network across the entire Internet. Right now that data is fragmented and difficult to acquire by anyone interested in nefarious uses .

Wouldn't it be better to keep that data fragmented and deal with the hassles of portability? Porting a few dozen contacts?

For most folk that's not an onerous task. If you use OpenID it effectively centralizes that data because it has to run through the central DNS service and through other databases and that potentially makes it easier to track.

The community wants it . . .

I've often heard OpenID touted as a "community ID" and that the "community wants it." I don't remember being consulted on this. I remember some bloggers loudly touting that they want something like OpenID for data portability.

But for those leading bloggers this is an easy method to bring their readers to new social network sites and to publish as widely as possible. Most people don't have 5,000 Facebook friends as do the top bloggers/publishers/ media companies. They represent an extreme example of social network usage that is far from typical of the mainstream user.

OpenID seems to benefit publishers not individuals. . .

It benefits the top bloggers/publishers to be able to port what are essentially reader connections wherever they want but does OpenID benefit an average user with networks that are counted in dozens rather than thousands?

OpenID is not much of solution in typical social network usage when the numbers are small. Where was the hue and cry about data portability from the average social network users? I don't remember seeing that. All I remember is the din from a dozen or so publishers.

Yes, you can find companies have come out in support of OpenID but most of them seem self-serving in their support because they don't have much of a social network to begin with and they would like to have one.

Maybe 3 social networks . . .

I can't handle more than 3 social networks -- that's my theory and I think it might apply more broadly :-)

When I leave my apartment I remember my keys, wallet, and phone but a fourth item is usually less reliably remembered.

Currently I'm cool with one main social network, which is Facebook; LinkedIn as a secondary/business network; and then my GMail/Twitter/SMS network - my social/communications (socco) network contacts.

That takes care of most of my business/personal/social needs. For some people, a third network might be a church group or hobby group. Or maybe other people can manage four networks or more, that's great.

The point is that for the vast majority of people, they are not going to be active in more than half a dozen relatively small social networks--so what is the purpose of OpenID?

Let me ask again: Are individuals going to benefit? Or is OpenID an opportunity for mass media publishers and businesses trying to create a business?

I don't have much of need for OpenID right now. What about you?