I’ve men­tioned OpenID here and here before (the first only in pass­ing), in the con­text of frag­ment­ing social net­works and Live­Jour­nal. By the way, check out the sec­ond of those posts… for meta-writing/meta-blogging, it’s (IMO) sur­pris­ingly good! I was pleased.

Any­way — OpenID is still around 10 months later (though the spec was last updated around the time I last wrote on the mat­ter), WordPress.com have announced they are now an IdP for it, and it seems every­one wants to be a provider, not a con­sumer (in OID spec par­lance, con­sumer means the web­site request­ing ver­i­fi­ca­tion of an Iden­tity — “end user” is the term given to an actual human user).

In fact, Ma.gnolia.com is the only OpenID con­sum­ing site of con­se­quence that I’ve encoun­tered thus far in my trav­els. Which is, to say the least, slightly perplexing.

I’m aware the whole point of OpenID is that it’s a vastly decen­tralised spec that enables myr­iad providers to exist, but it seems some­what redun­dant (in the sense in which that means “point­less, with­out pur­pose”, not failover-type redun­dancy) if there does not exist a sin­gle con­sumer of consequence!

And, let’s face it, why should being a con­sumer be attrac­tive? You know less about your cus­tomers, they can bail on you more quickly, and… all of a sud­den, adver­tis­ing is the only way of mon­etis­ing a web­site. Jan­Rain oper­ate “MyOpenID: Your first (and last) iden­tity provider”, as well as a cou­ple of ser­vices that use OpenID, and have (to my eyes, at least) no con­ceiv­able way of gen­er­at­ing rev­enue at present.

Which is poten­tially fine, but com­pletely stu­pid if that’s hap­pen­ing on a wider scale. As a con­cept, OpenID has much to offer — I just wouldn’t use it in CYIADA. I might con­sider it for smaller projects (com­mer­cial clients), but, really, I think it’d have a bet­ter chance if Myspace were an OpenID provider. And we all know what they’re like when it comes to web stan­dards (and gen­eral usabil­ity issues)!

Plus, of course, there’s the issue of the pop­u­lar­ity of up-stream providers if you want to ver­ify against some­thing other than OpenID (like, for exam­ple, someone’s Google account — which you can do quite eas­ily using var­i­ous API tools they pro­vide). With any­thing youth tar­geted, there’s a spe­cial impe­tus that we don’t really see in other places. I read this absolutely hilar­i­ous com­ment on a great analy­sis of an arti­cle about Myspace:

It’s easy to imag­ine teenagers as a pack of wilde­beests on a grassy plain, sim­ply run­ning with wild abandon.

Why yes, yes it is. They’re not (arti­cle has more on this), but the bot­tom line is if you’re using exter­nal ver­i­fi­ca­tion ser­vices, you’re depen­dent on the exis­tence and longevity of these ser­vices for the exis­tence and longevity of your ser­vices, not the least in user pro­fil­ing and build­ing up mean­ing­ful mar­ket data so you can adjust your mix to a known audience.

OpenID feels like a won­der­ful tech­nol­ogy in a chicken-egg sit­u­a­tion. It’s still just too bloody geeky for your aver­age LJ user to get on board with. And they’ve got it easy. For any­one else, it’s com­pletely impossible.

Here in Syd­ney, we could prob­a­bly get away set­ting up ver­i­fi­ca­tion against Win­dows Live sim­ply because that’s what peo­ple use here, as I have noted before (about halfway down the post linked). But devel­op­ing dif­fer­ent autho­ri­sa­tion schemes as a mat­ter of local­i­sa­tion is most def­i­nitely not in my book of best prac­tices (if I were ever to write one :P) — so, instead, frag­mented Inter­net iden­ti­ties persist.

That bugs me.

If you have any answers or thoughts… let me know. Blog about it and send a pingback/trackback. That’s one of the few open stan­dards that’s worked well on the web, albeit with plenty of spam abuse, but there’s of course the prob­lem that not enough peo­ple are socially blog­ging aside from soft­ware devel­op­ers and design geeks and… what­ever cat­e­gory I fit into (“web strate­gist” is still what I’m call­ing myself… we’ll see how much longer that sticks) — so, of course, there’s no instinct to reply in this manner.

In the same way, devel­oper and busi­ness instinct is to build your own authen­ti­ca­tion and pro­fil­ing plat­form. Is it worth resisting?