These results were presented in at the Internet Identity Workshop in November 2008. 

Positive Feedback

• OpenID is viewed positively: open, lightweight, extensible, etc.
• OpenID addresses an important market need, OpenID (or something like it) will have broad adoption sooner rather than later
• Strong market adoption from net savvy technologists, people with early adopter values, user-generated content websites and small Web 2.0 companies

Market drivers 

• Move to open web, interoperable framework
• Growing on-line activity levels (research, e-commerce, social networks, etc.)
• Increasingly web savvy consumers
• Move to user-centricity, growth of user-generated content

Technology enablers

• Acceptance of open source software, software as a service (SaaS)
• Matured web technologies

Business benefits cited

• Allow consumer users to move from website to website easily and seamlessly, manage their web identity in one place, get personalized info in a “trusted” way
• Provide SSO federation across multiple web properties within a ‘family’ of sites (“internal”)
• Provide federated SSO with partner sites (“external”)
• Holy Grail: Consumers will be able to move seamlessly across all sites on the web in an authenticated session
• Streamline registration, reduce drop-off rate of potential visitors at registration, increase conversion rates of site visitors to registered users
• Reduce customer care costs associated with password maintenance
• Provide a higher-quality brand experience; get consumers more easily engaged and interacting; retain them better, longer
• Learn more about consumer users via “user-centric identity tools” (SREG, AX, OAuth, MySpace Data Availability, Portable Contacts, etc.)
• Enable revenue-sharing arrangements between OPs and RPs

Areas for Improvement

User Experience

• “Over complicated” user experience
• UI design, sign-on flow, attributes, URL as identifier, inconsistent user experience across OPs and RPs, reconciliation of multiple user accounts, sign-off, etc. 
• Lack of consumer understanding of OpenID

Data

• Many large OPs not sending SREG data today, email is most requested field
• Lack of a flexible international data scheme with ability to adapt it to local customs, business models, etc.

Business/Legal

• Not all business managers fully understand the business benefits of OpenID 
• Legal and regulatory frameworks not fully developed
• Security/Trust/Privacy issues require further development
• Possible need for some kind of OP certification program

Adoption

• Few large companies have implemented it broadly yet
• OpenID supporters and Foundation Board members appear to be more focused on the technology than the business applications and needs

Initiatives Underway

UX

• Yahoo, Google, AOL, Microsoft, MySpace, Facebook, JanRain, Vidoop, Plaxo and others met at Yahoo for a user experience (UX) summit to discuss ways to improve the OpenID user experience between OPs and RPs.
• Yahoo streamlined their OP login process, Google LSO initiative, JanRain RPX

Data

• Google is providing verified email via AX, Yahoo and AOL evaluating SREG deployment, MySpace to provide profile and friends data, Plaxo supporting Portable Contacts

Legal Framework

• Yahoo and Google are developing templates for legal and business agreements governing OP/RP interchanges
• NRI leading on Trusted Data Exchange (TX) extension

Security

• The PAPE authentication security standards have been officially submitted for public review and final ratification
• OIDF Security Committee has been formed, chaired by Tony Nadalin of IBM