As I continue to explore OpenID, one of my immediate concerns was... how do I choose an identity provider? And if I do use an identity provider, what happens if they stop providing OpenID services? Or what if they are bought by someone and I don't like the new owner?
Essentially - how do I create an "abstraction layer" that allows me to maintain control of my identity and not be beholden to the whims or policies (or circumstances) of a provider?
The answer is amazingly easy... just use your own domain name! As explained by Simon Willison, the process merely involves inserting two lines of code into the <head> of the HTML page at the URL you want to use. So, for instance, I updated the page for www.danyork.com (which actually gets pointed to a page in a larger website) to have these two added lines:
<link rel="openid.server" href="http://www.livejournal.com/openid/server.bml">
<link rel="openid.delegate" href="http://dyork.livejournal.com/">
That's it. Now on any website that allows OpenID logins, I simply use the OpenID of "http://www.danyork.com/" and I am briefly redirected to LiveJournal to approve the granting of access to my identity credentials. Simple and easy.
The beautiful part about this is that I can switch identity providers any time I like. I used my LJ account here, but I actually like some of what ClaimID has to offer. Perhaps I'll use them instead.
The net of it, though, is that it doesn't matter... to the websites where I log in, I log in with the danyork.com ID and all is good. Who actually provides the request for the technical OpenID data is a different matter and should be - and is - separate from your actual identity. Very cool to see... and nice to be able to be in control of my identity!
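Because the two <link> tags shown above decide which provider vouches for the URL, whoever can edit that page controls the identity, so it is worth checking that the tags still say what you set. The following Python sketch is an added example (not from the original post or from Simon Willison's tutorial): it reads the tags from the page's <head> as a relying party's HTML discovery would and compares them with the expected values. The function names and the sample page are constructed for illustration.

```python
from html.parser import HTMLParser

RELS = ("openid.server", "openid.delegate")

class OpenIDLinkParser(HTMLParser):
    """Collect OpenID <link> relations that appear inside <head>."""
    def __init__(self):
        super().__init__()
        self.in_head = False
        self.links = {}

    def handle_starttag(self, tag, attrs):
        if tag == "head":
            self.in_head = True
        elif tag == "link" and self.in_head:
            attr = dict(attrs)
            href = (attr.get("href") or "").strip()
            # rel is a space-separated token list, matched case-insensitively
            for rel in (attr.get("rel") or "").lower().split():
                if rel in RELS and href:
                    self.links.setdefault(rel, []).append(href)

    def handle_endtag(self, tag):
        if tag == "head":
            self.in_head = False

def discover(html):
    """Return {rel: [href, ...]} for the OpenID tags found in <head>."""
    parser = OpenIDLinkParser()
    parser.feed(html)
    return parser.links

def audit(html, expected):
    """Compare discovered tags with the expected ones; [] means no drift."""
    found, findings = discover(html), []
    for rel, want in expected.items():
        got = found.get(rel, [])
        if len(got) != 1:
            findings.append(f"{rel}: expected one tag, found {len(got)}")
        elif got[0] != want:
            findings.append(f"{rel}: unexpected value {got[0]}")
    return findings

# Expected values are the two tags from the post; PAGE is a constructed sample.
EXPECTED = {"openid.server": "http://www.livejournal.com/openid/server.bml",
            "openid.delegate": "http://dyork.livejournal.com/"}
PAGE = ('<html><head><title>t</title>'
        '<link rel="openid.server" href="http://www.livejournal.com/openid/server.bml">'
        '<link rel="openid.delegate" href="http://dyork.livejournal.com/">'
        '</head><body></body></html>')
```

Calling audit(PAGE, EXPECTED) returns an empty list while the tags are unchanged; run it against a freshly fetched copy of your page on a schedule to notice an edited or duplicated tag.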
P.S. And thanks, Simon Willison, for writing up that tutorial... very helpful.