I’ve been spending a lot of time working over the idea of identity representation and validation over the past couple weeks… a topic that is both deep and wide and includes many players.
For the moment, I’m partial to OpenID, as it seems lightweight, decentralized and championed by my buddy Scott Kveton at JanRain (who is now also a Citizen Agency advisor). In fact, now that ClaimID has implemented OpenID, I have a good working example to show off.
But OpenID isn’t the only game in town. And many people are aware of this — in fact, wanting to become the next Passport standard that actually gets widespread adoption. Because once you become that standard, you have a lot of power, both over individual meta-data as well as the social networks that someone is connected to.
In our beginning conversations with Marc on his PeopleAggregator, this is apparent (we’re taking Marc on as a client to act as the community advocate, shortening the product feedback loop). As is increasingly clear, identity lock-in is where the next big battles will be fought, especially as more and more Web Twenny sites open up ports on their data but require authentication in exchange for access (the PeopleAggregator, for example, offers distributed login choices including SXIP, OpenID via LiveJournal, Flickr auth).
Over on the Identity 2.0 blog, there’s an interesting post by Dick on Google Account Authentication — looking at the desktop-based side of authentication (that you’d find in Picasa or Google Earth or even GTalk, for example) and web-based applications, like Joga). He makes the point, as ZDNet latches on to, that Google is “deepening of the identity silo”. And, of course, with Google Checkout, you can see the tenacles of the beast spreading out further without any likelihood of opening up.
So what’s interesting in seeing all these implementations emerge is the opportunity, as Marc has caught on to, of providing a man-in-the-middle “Debabelizer” between auth standards and social networks — what’s been called a “meta social network”. My buddy Scott, though, has also seen this opportunity. And both, fortunately are taking the open source approach (even if not all parties call it that).
So anyway, with all this going on and big players making moves in the space, the one thing that is clear to me about where we’re going is this: in the not-too-distant future, when someone asks if you’re “cross-platform” they’ll no longer be referring to the operating system that you’re running, but whether their identity or authentication standard is supported on your site. And furthermore, whether you’ve made it possible to bring in their existing social network/buddy list from other networks — because, let’s face it: it’s irrelevant whether you build for the Mac, PC and Linux; you’ve got the web, you can make your app universal. The big concern will be whether the social environment that I’ve spent years cultivating can travel with me and cross the chasm from the place where I first built it to populate the host that you’re building.