I have to blame Aswath. Back in December, he posted a short piece wondering about the use of OpenID in SIP authentication. He contacted Jonathan and I in regard to Blue Box and asked for our comments. We discussed it on Blue Box #48 (at 15:50 in the show) and basically said "well, it's interesting, but there's no trust model so we can't see how it would really work". I had some further brief email exchange with Aswath, and then somewhere in there he came out with his proposal for extending OpenID use into communication systems. Again he dropped us a note, and again, even with posts like that of phoneboy, I still hadn't gotten over my concern about trust - and we discussed it again in the soon-to-be-issued Blue Box #51, along with a comment from a listener.
But there was something there that kept nagging at the back of my brain... and then as Microsoft announced support for OpenID out at RSA... and then as AOL is talking about their plans... along with a hundred other smaller indicators... all of it has made me realize that I've needed to "go deeper" on what OpenID is all about and how it works... and how maybe, just maybe, there might be a role for it in VoIP.
I'm not there yet, but I'm definitely in the middle of the deep dive. I've told Aswath that I'd get him a longer response - and I will - once the journey has gone a bit further. In the meantime, those of you who want to follow along can watch my del.icio.us trail on openid... it keeps getting longer.
If you have no idea what OpenID is about at all... think about all the websites you go to and all the different usernames and passwords you have. What if there was a way to have just one identity you could use everywhere? That's one of the ideas behind OpenID. Here's some good places to start if you know nothing about it:
- Screencast on how to use OpenID
- Video from ETech 2006 - "Who is the Dick on your site?" by Dick Hardt of Sxip Identity (nice history of identity efforts)
Lots to learn out there...