• If you are citizen of an European Union member nation, you may not use this service unless you are at least 16 years old.

  • Stop wasting time looking for files and revisions. Connect your Gmail, DriveDropbox, and Slack accounts and in less than 2 minutes, Dokkio will automatically organize all your file attachments. Learn more and claim your free account.



Page history last edited by Chris Messina 11 years, 11 months ago

These results were presented in at the Internet Identity Workshop in November 2008. 

Positive Feedback

  • OpenID is viewed positively: open, lightweight, extensible, etc.
  • OpenID addresses an important market need, OpenID (or something like it) will have broad adoption sooner rather than later
  • Strong market adoption from net savvy technologists, people with early adopter values, user-generated content websites and small Web 2.0 companies

Market drivers 

  • Move to open web, interoperable framework
  • Growing on-line activity levels (research, e-commerce, social networks, etc.)
  • Increasingly web savvy consumers
  • Move to user-centricity, growth of user-generated content

Technology enablers

  • Acceptance of open source software, software as a service (SaaS)
  • Matured web technologies

Business benefits cited

  • Allow consumer users to move from website to website easily and seamlessly, manage their web identity in one place, get personalized info in a “trusted” way
  • Provide SSO federation across multiple web properties within a ‘family’ of sites (“internal”)
  • Provide federated SSO with partner sites (“external”)
  • Holy Grail: Consumers will be able to move seamlessly across all sites on the web in an authenticated session
  • Streamline registration, reduce drop-off rate of potential visitors at registration, increase conversion rates of site visitors to registered users
  • Reduce customer care costs associated with password maintenance
  • Provide a higher-quality brand experience; get consumers more easily engaged and interacting; retain them better, longer
  • Learn more about consumer users via “user-centric identity tools” (SREG, AX, OAuth, MySpace Data Availability, Portable Contacts, etc.)
  • Enable revenue-sharing arrangements between OPs and RPs

Areas for Improvement

User Experience

  • “Over complicated” user experience
  • UI design, sign-on flow, attributes, URL as identifier, inconsistent user experience across OPs and RPs, reconciliation of multiple user accounts, sign-off, etc. 
  • Lack of consumer understanding of OpenID


  • Many large OPs not sending SREG data today, email is most requested field
  • Lack of a flexible international data scheme with ability to adapt it to local customs, business models, etc.


  • Not all business managers fully understand the business benefits of OpenID 
  • Legal and regulatory frameworks not fully developed
  • Security/Trust/Privacy issues require further development
  • Possible need for some kind of OP certification program


  • Few large companies have implemented it broadly yet
  • OpenID supporters and Foundation Board members appear to be more focused on the technology than the business applications and needs

Initiatives Underway



  • Google is providing verified email via AX, Yahoo and AOL evaluating SREG deployment, MySpace to provide profile and friends data, Plaxo supporting Portable Contacts

Legal Framework

  • Yahoo and Google are developing templates for legal and business agreements governing OP/RP interchanges
  • NRI leading on Trusted Data Exchange (TX) extension


  • The PAPE authentication security standards have been officially submitted for public review and final ratification
  • OIDF Security Committee has been formed, chaired by Tony Nadalin of IBM

Comments (0)

You don't have permission to comment on this page.