Identity 2.0

Published on Monday, October 23, 2006

First, let me define Identity 2.0. Wikipedia defines Identity 2.0 as....

Identity 2.0, also called digital identity, is the anticipated revolution of identity verification on the Internet using the OpenID standard. Identity 2.0 stems from the Web 2.0 theory of the world wide web transition. It's emphasis is a simple and open method of identity transactions similar to those in the physical world, such as driver's license.

OpenID is not the only player in this field. Other solutions include:

I also found a solution from whobar that

allows users to login to a website using InfoCard, OpenID or i-names and makes it all transparent to the web application

in which case the login screen would look something like this.

WhoBar

So, what does all this mean to the end user?

To understand this better, let me take you through the experience of authenticating myself to an OpenID enabled site. In this example I have used the free OpenID service provided by VeriSign called Personal Identity provider (PIP).

Step 1: I want to login to an OpenID enabled site. I am using Opinity as an example. To login, I am presented with a text box to enter my unique identity URL. Notice the OpenID logo in the text box.

Step-1

Step 2: Once I enter my unique ID, (in this case george.chiramattel.com), I am redirected to my Identity provider, which is VeriSign. I login to VeriSign and I am presented with the following screen from VeriSign. Here I can authorize VeriSign to 'prove' my identity to the referring site - Opinity. As you can see, I can set a timelimit to my authorization. I can also choose to share some personal profile information that I have previously stored with VeriSign with Opinity - but in this case Opinity is not expecting any such information.

Step-2

Notice that VeriSign mentions my name as http://georgeck.pip.verisignlabs.com. I will explain how I could configure this in a later blog. Once I confirm my authorization, I am redirected back to the referring site (Opinity) and (ideally) I should be logged in.

How is this different from a normal web-signin?

To start with, I don't have to maintain different passwords for different sites. My identity is my unique URL and I can present it to any site to let them know who I am. Now to prove it is really me who is presenting this URL, I use the service of the OpenID server, who ascertains my claim on my behalf.

I will explain details on how I configured my OpenID in a later blog.

comments powered by Disqus