OpenID and the Social Graph

First, full disclosure: I don’t know a lot about OpenID. But I do know that there are some serious issues related to online identity. Here are two of the questions I find most pressing:

  1. How do I create a persistent identity, across all the different web services I use? This is a question of convenience. Registering for a website that I’m going to use once is kind of ridiculous. Even if I wanted to use it again, chances are I will have forgotten my password, or even that I ever registered there in the first place. I could always register again, but that isn’t useful for me, or the service provider.
  2. How do I take ownership of my personal information? This is a privacy and security question. I’m online a lot. There’s a lot of digital information about me that could be gathered up to paint an interesting picture of who I am. Ideally, I should be the person who owns that picture and controls who has access to it.

Now, I’m not saying that OpenID has solved these problems – far from it – but it has created the opportunity for people to test things out and discuss what works and what doesn’t. As far as I can tell, the first issue is being addressed more directly than the second. Still, I don’t think we’re going to have a meaningful approach to the privacy question until we get some more experience with persistent identities.

Tim Berners-Lee’s recent post on the Giant Global Graph is bound to spark more interest in and discussion of OpenID and other identity solutions. As social networking explodes, the portability of personal data becomes an issue that could define the success or failure of new players. The marriage of social networking and the semantic web seems like a natural one – if I can capture all that data about me and my relationships, independent of any given social networking site, then I can go to the sites that provide me the functionality I want, without having to recreate everything or worry whether my connections will follow me there. Having a unique, neutral ID for myself becomes a pretty important factor – my own personal URI, if we want to be technical about it.

This brings me to what I don’t like about OpenID: you sign up to get your OpenID through a service provider, someone like LiveJournal, WordPress, AOL or Vox. I say “sign up” but really, if you use one of these services (or a host of others), you already have an OpenID, you just have to start using it. The problem is that my relationship to these services could be transitory, so why would I want one of them to own my ID? I had a Vox blog once. Strictly speaking, it still exists. But I don’t want my persistent, ubiquitous online identity to be tied to it. Seems to me that it sort of defeats the purpose if you use one OpenID for a while, then switch to another for other uses, or when you tire of your old one.

As I followed this thread through the blogosphere today, I came across an interesting offering – It’s like domain forwarding for your OpenID. You create a URI, at a domain that you control, and point it to the OpenID of your choice. Authentication still takes place at the level of the OpenID provider, but I can change that provider later if I want to. I decided to give it a try with my AOL OpenID.

I should point out that I had used my AOL OpenID before and I had mixed feelings about it. On the one hand, I used to work for a company that merged with AOL, and I wasn’t thrilled about their strong arm tactics and determination to take over the world. On the other hand, I’m familiar with their authentication system, and I feel pretty comfortable with it. Still, I did not really want to announce to the world, “My online identity is inextricably tied to AOL!” Well, except to the people reading this blog, I guess.

Anyway, seemed like a good reason to give Own-ID a try. I added an alias to my domain, pointed it to Own-ID, authenticated it using my AOL Open ID and that was it. I tried using my new OpenID to sign in to some sites. Most of them worked, a couple of them didn’t. But the ones that didn’t work with my Own-ID also didn’t work when I tried to sign in directly with my AOL OpenID, so I’m guessing there was a deeper issue going on with those sites.

It’s a pretty interesting sandbox to playing in, and I’ll be watching the developments closely.

Further reading and resources:

3 thoughts on “OpenID and the Social Graph

  1. The process you describe with is built into the OpenID spec, and it’s known as OpenID delegation. Basically, you just need to put a few lines to code in the head of an HTML document, and you can use that URL as your OpenID. Click on my name and View Source to see what I mean. In my case, I use as my provider, but is my OpenID.

    Here’s a plugin to make your WordPress URL an OpenID via delegation:

  2. This post is spot-on. The second point about centralizing one’s own ‘social graph’ could be addressed by including it in a FOAF document. The access issue could be handled by only allowing people in the FOAF to see it. This is like Facebook where only one’s friends can see one’s profile.

    In the post you mention that with your AOL OpenId, some sites don’t work. My hunch is that this is because AOL don’t publish a discoverable Yadis document. Try getting an OpenId from, I’ve found them to be very reliable.

    Finally I’d like to respond to Luigi Montanez’s comment above (but bear in mind my bias as the author of Own-Id). I think the easiest method of
    delegating your OpenId depends on several factors:

    1. Do you have an editable web page under your own domain name?
    2. Are you comfortable with editing HTML?
    3. Do you know what to add to the HTML?
    4. Do you know the URL of your OpenId server?
    5. How easy is it to add a CNAME record to your DNS?

    If the answers 1-4 are ‘yes’ and the answer to number 5 is ‘not very’,
    then it’s easiest to go ahead and edit the HTML as Luigi suggests. If your DNS hosting company has an easy web interface (like GoDaddy) and you’re a bit shaky on any of the other questions, then I’d suggest that is for you.

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.