Archive for March, 2010 Authenware Joins Openid Foundation

Archive for March, 2010 Authenware Joins OpenID Foundation

Posted at 4:44 pm on March 12, 2010 by jfe

Authenware today announced its membership in the OpenID Foundation – an industry organization aimed at protecting identities and intellectual property through the bolstering online security. Through its membership, Authenware becomes part of a community of IT powerhouses that seeks to collectively build awareness of the emerging digital security pandemic.

“The exploitation of security vulnerabilities creates a major obstacle for the expansion of the Internet as a trusted vehicle for communication and commerce,” said Tom Helou, president of Authenware. “For such a reason, we sought membership within the OpenID Foundation and are proud to partner with a broad spectrum of online leaders who share our values of security, privacy and strong identification.”

This entry was posted on Friday, March 12th, 2010 at 4:44 pm and is filed under News, Press Releases. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site. theSocialWeb.tv on the launch of the Open Identity Exchange

Posted at 11:48 am on March 9, 2010 by Chris Messina theSocialWeb.tv visits Citizen Space in San Francisco during the RSA Conference to sit down with Don Thibeau of the OpenID Foundation and Drummond Reed of the Information Card Foundation to discuss the launch of the Open Identity Exchange, the result of a year-long collaboration between the two foundations.

John McCrea and Chris Messina dive into the details of this announcement and what it means for the social web.

From openid.net/2010/03/ 1 25 November 2010

You can also download the video to watch it later.

Tags: Don Thibeau, drummond reed, information card foundation, oix, Open Identity Exchange

This entry was posted on Tuesday, March 9th, 2010 at 11:48 am and is filed under News. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site. NTT docomo is now an OpenID Provider

Posted at 8:35 am on by Nat Sakimura

The largest mobile operator in Japan, NTT docomo, which covers approximately 50% of Japanese population, started offering OpenID authentication on March 9.

Every docomo user has an identifier called i-modeID. Using this, users can single sign-on to mobile sites using docomo handsets, making one-click payment and other authenticated actions.

These kind of features fueled the great success of mobile commerce in Japan. However, this success has not been extended to the non-docomo handset world of the PC. For the PC, docomo offered a separate identifier called “docomo ID”. As it remained independent of “i-modeID”, it did not enjoy the same kind of popularity.

This situation was remedied today by linking the two different identity systems with OpenID.

As of today, a user can login to a site using “docomo ID” as an OpenID, then the site can obtain “i-mode ID” that is linked to the “docomo ID” transparently. It is expected that the payment on the PC sites through “i-mode payment service” would accelerate content sales through PC.

Some technical idiosyncrasies

NTT docomo published the docomoID Authentication Technical Specification on their web site. As an OP Identifier, one should specify “https://i.mydocomo.com/“. As a normal claimed identifier, one should specify “https://i.mydocomo.com/id/{user_unique_identifier}” where {user_unique_identifier}” is a random alpha-numeric string that is unique to the user-realm pair.

One peculiar feature of docomo’s implementation is that, to provide “i-mode ID” to the content providers, content providers should call a very simple GET API after they obtained the OpenID Assertion. The decision seems to have been made to avoid the transmission of i-mode ID through browsers, which may act as a man-in-the-middle attack point as users’ PC environment is not particularly safe. Using OAuth for this purpose seems to have been an option, but docomo seems to have decided that requiring it on top of OpenID to the content providers seemed to be a little too demanding. Thus, they devised this extremely simple API. Together with it, docomo also

From openid.net/2010/03/ 2 25 November 2010

defined a kind of contact service API, which allows the content providers to send mail [*1] to the user’s mobile phone without sharing the mail address.

According to their official page, there are 55,692,500 docomo subscribers as of February, 2010. Japan’s population over 15 as of Feb. 1, 2010 is 110,470,000.

[*1] Currently, this “contact service” is currently limited to send a mobile site URL

Tags: adoption, japan, mobile, nttdocomo

This entry was posted on Tuesday, March 9th, 2010 at 8:35 am and is filed under Case Studies, News. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site. Government of Japan started accepting OpenID

Posted at 5:09 am on by Nat Sakimura

Ministry of Economy, Trade and Industry of Japan (METI) launched a site called “IdeaBox“, which solicits ideas for IT Policy widely.

At the site, people can propose, discuss, and vote on policies. METI positions it as a network- based committee which is open to public. A similar site was operated last year from October to November and attracted over 1700 policy idea.

This version of IdeaBox, launched Feb 23, accepts OpenID so that one can login with the account from mixi, Yahoo! Japan, Livedoor and Google. It has various other social components so that one can also tweet about it directly from the site, bookmark it on delicous and hatena bookmark, etc. This initiative will run through March 15.

Site Address: http://open-meti.go.jp/

From openid.net/2010/03/ 3 25 November 2010

Tags: japan

This entry was posted on Tuesday, March 9th, 2010 at 5:09 am and is filed under Case Studies, News, government. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site. Open Identity Exchange Commences Open Government Pilot National Institutes of Health

Posted at 7:01 am on March 3, 2010 by jfe

Washington, D.C. — March 3, 2010 —The Open Identity Exchange (OIX) www.openidentityexchange.org, a non-profit organization dedicated to supporting an Internet- scale trust ecosystem, announced today it will commence work on an open government pilot under the requirements set forth by the ICAM Trust Framework Adoption Process (TFAP) established by U.S. General Services Administration (GSA). The National Institutes of Health (NIH) will serve as lead agency using open identity technologies to support a number of services, including customized library searches, access to training resources, registration for conferences, and use of medical research wikis, with strong privacy protections, all designed to ensure accessible and transparent communication between the government agency and U.S. citizens.

The OIX has been certified by the GSA as a Trust Framework Provider. This permits the OIX to issue certifications to Identity Providers who choose assessors and certification models, including the audited self-certification model championed by the OpenID Foundation. As lead government agency, the NIH is ready to move into production status with OpenID credentials for existing, pilot-status and future applications using NIH Login (now known as iTrust/NIH).

From openid.net/2010/03/ 4 25 November 2010

“The NIH has played a critical role pioneering the use of open identity standards for open government,” said Don Thibeau, chair of the OIX. “We want to acknowledge the critical role the agency has played as a pioneer in the government’s use of open identity standards. The impact of the NIH iTrust pilots is reflected not only in the formation of Open Identity Exchange in the marketplace but also in the groundbreaking leadership NIH has demonstrated in new public sector applications.”

“This pilot supports and illustrates the value of the President’s open government initiative. We believe deeply in using electronic identity technologies to enable communication between government entities and citizens,” said Dr. Peter Alterman, Senior Advisor to the NIH Chief Information Officer for Strategic Initiatives. “By doing so, we are sending a strong message to citizens that we care deeply about their security and privacy.”

This entry was posted on Wednesday, March 3rd, 2010 at 7:01 am and is filed under Uncategorized. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site. Open Identity Exchange Launches at RSA

Posted at 6:56 am on by jfe

Washington, D.C. and San Francisco — March 3, 2010 — Industry leaders Google, PayPal, Equifax, VeriSign, Verizon, CA, and Booz Allen Hamilton today announced at the RSA Conference 2010 the formation of the Open Identity Exchange (OIX) www.openidentityexchange.org, a non-profit organization dedicated to building trust in the exchange of online identity credentials across public and private sectors. With initial grants from the OpenID Foundation (OIDF) and Information Card Foundation (ICF), OIX has been approved as a trust framework provider by the United States Government to certify online identity management providers to U.S. federal standards for identity assurance.

Trust frameworks are a new way for one site to trust the identity, security, and privacy assurances from another site (the “identity provider”) acting on behalf of a user. Google, Paypal, and Equifax are the first three identity providers certified by OIX to issue digital identity credentials that will be accepted for privacy-protected registration and login at U.S. government websites. Verizon is currently in the certification process and is expected to be completed shortly.

The National Institutes of Health (NIH) is the first government website accepting these credentials, including OpenID and Information Card logins, a capability it demonstrated today at the RSA Conference. Citizens can use open identity technologies to support a number of online services across websites, including customized library searches, access to training resources, conference registration, and medical research wikis, with strong privacy protections, all designed to ensure accessible and transparent communication between the government agency and U.S. citizens.

From openid.net/2010/03/ 5 25 November 2010

“We want to acknowledge the critical role NIH has played as a pioneer in the government’s use of open identity standards. The impact of the NIH iTrust pilots is reflected not only in the formation of Open Identity Exchange in the marketplace but also in the groundbreaking leadership NIH has demonstrated in new public sector applications,” said Dr. Peter Alterman, Senior Advisor to the NIH Chief Information Officer for Strategic Initiatives.

“OIX grew out of a public/private industry partnership initiated by the U.S. government at this conference last year,” said Don Thibeau, OIDF Executive Director and OIX Board Chair. “OpenID and Information Card technologies can solve the technical problem of using identity credentials across different websites, but can’t solve the problem of how those credentials can be trusted at different levels of assurance. OIX is a solution to this problem not just for the U.S. government, but for many different governments, industry alliances, non-profit associations, telcos, academic networks, and others all over the world who need to establish trust across a wide online population.”

The first official OIX trust framework meets the requirements set forth by the U.S. Identity, Credential, and Access Management (ICAM) Trust Framework Provider Adoption Process (TFPAP) established by the U.S. General Services Administration (GSA). This trust framework will enable the American public to participate in open, transparent and participatory government while maintaining full control of how much or how little personal information they share with federal websites at all times. “OIX means there is now a safe way to use an OpenID or an Information Card to register and login at any number of federal websites without needing a new username and password for each,” said Drummond Reed, ICF Executive Director and Acting Executive Director of OIX. “As we roll out progressively stronger levels of certification, this will empower U.S. citizens to access and mange their tax records, Social Security records, veteran’s benefits, and many other government services online.”

“Before organizations can confidently consume identity information produced by third parties, they need to have confidence in those third parties’ business processes and practices, and in the quality of the information they provide,” said Bob Blakley, Research Director, Burton Group Identity and Privacy Strategies, Gartner. “Before individuals can confidently provide information to third parties, they need to have confidence that their privacy will be protected by those third parties. The process of gaining confidence in a third party organization’s processes for collecting, verifying, handling, using, and disclosing identity information is called ‘identity assurance’. Identity assurance is a key building block for the production and consumption of identity information in open networks like the internet.”

OCLC Online Computer Library Center is another founding member of OIX because it wants to develop a cooperative trust framework for libraries and their users. “More than 72,000 libraries in 112 countries and territories around the world have used OCLC services to locate, acquire, catalog, lend and preserve library materials,” said Mike Teets, OCLC Vice President, Innovation. “An OCLC trust framework could broaden online access to those library materials, and make it easier for libraries to connect people to the knowledge they seek in any format— digital or print.”

From openid.net/2010/03/ 6 25 November 2010

OIX is currently working on development of trust frameworks for public media, telecommunications, library services, state and local governments, and professional associations. “We look forward to facilitating trusted transactions throughout the government and eventually Internet channels,” said Thibeau. “True trust requires the participation of a broad community so we are engaging industry, government, legal and academia leaders in how best to resolve challenges in usability, security and privacy.”

OIX Members and Industry Experts Discuss Open Trust Frameworks

“We’re pleased to be among the first organizations to be certified by the newly created OIX,” said Eric Sachs, Senior Product Manager at Google. “We’ve already seen encouraging implementations of identity technologies in the industry, and our hope is that the work of the OIX will expand on this progress to help facilitate more open government participation, as well as improve security on the Internet by reducing password use across websites.”

“Trusted identities and consumer control of personal information are essential to the effectiveness of transactions on the Internet,” said Andrew Nash, Senior Director of Identity Services for PayPal Inc. “Trusted frameworks that provide identity assurance are a critical factor in the success of the digital identity ecosystem.”

“We are honored to support this critical initiative and work with thought leaders of such a broad range of industry expertise,” said Ron Carpinella, Equifax’s Vice President of Identity Management. “As an innovator of knowledge-based authentication technology and the only information solutions company on this board, we look forward to advancing the development of an open trust platform initiative that will enable more secure and simplified interaction between consumers and the digital world.”

“VeriSign is excited to participate in the next phase in the creation and standardization of high assurance identity systems,” said Nicolas Popp, Vice President of Product Development at VeriSign. “Drawing from our experience in bringing trust to the Internet, we look forward to contributing to the development of a multichannel identity trust framework that will enable citizens to communicate openly with confidence.”

“Verizon shares OIX’s vision for establishing a framework for trust on the Internet,” said Peter Tippett, Vice President of Security Solutions and Enterprise Innovation at Verizon Business. “As a founding member of OIX, Verizon is working with other key Internet players to push for industry-wide reform that will forever change the way consumers and businesses interact on the Internet.”

“Trust, privacy and security are critical to the safe adoption of an identity based digital infrastructure. The formation of the Open Identity Exchange is an important step forward in creating the necessary framework to establish these criteria,” said Tim Brown, CA Chief Security Architect and Distinguished Engineer. “With the support of industry leading companies and the OpenID and Information Card Foundations, our efforts will help solve the digital trust problems that our governments and industry face.”

From openid.net/2010/03/ 7 25 November 2010

“With more people expecting to access services and information online, federal agencies need an easier, more secure approach when interacting with the public,” said Patrick Peck, Executive Vice President of Booz Allen Hamilton. “Trust Frameworks can provide this solution for more than 20,000 federal websites through streamlined registration and simplified logins, and we are excited about supporting this public-private partnership to bring operational benefits to service providers and better access to the citizens they support.”

Mike Teets from OCLC explains, “There is a surprising amount of valuable content available online through libraries that many consumers are not even aware of. Many states and national governments license a vast amount of resources for their citizens, and these could be made even more readily accessible through this initiative. OIX will put a key piece of the infrastructure puzzle in place to help libraries further reduce barriers of access to content, which is what OCLC is all about.”

“Digital trust should originate from the location where it naturally occurs, be it my municipality to validate my residency, my professional affiliations, my educational institutions, my family affiliations, my religious affiliations, etc.,” said Hal Warren, President of the OpenID Society, a chapter of the OIDF. “This requires a complex multi-faceted framework through which trusted claims can be transmitted and validated. This is the objective of the OIX. “Simplicity is complexity well done.”

“We look forward to facilitating trusted transactions throughout the government and eventually Internet channels,” said Thibeau. “True trust requires the participation of a broad community so we are engaging industry, government, legal and academia leaders in how best to resolve challenges in usability, security and privacy.”

About Google Inc.

Google’s innovative search technologies connect millions of people around the world with information every day. Founded in 1998 by Stanford Ph.D. students Larry Page and Sergey Brin, Google today is a top web property in all major global markets. Google’s targeted advertising program provides businesses of all sizes with measurable results, while enhancing the overall web experience for users. Google is headquartered in Silicon Valley with offices throughout the Americas, Europe and Asia. For more information, visit www.google.com.

About PayPal PayPal is the faster, safer way to pay and get paid online. The service allows members to send money without sharing financial information, with the flexibility to pay using their account balances, bank accounts, credit cards or promotional financing. With more than 81 million active accounts in 190 markets and 24 currencies around the world, PayPal enables global ecommerce. PayPal is an eBay company and is made up of three leading online payment services: the PayPal global payments platform, the Payflow Gateway, and Bill Me Later. More information can be found at https://www.paypal.com.

About Equifax From openid.net/2010/03/ 8 25 November 2010

Equifax empowers businesses and consumers with information they can trust. A global leader in information solutions, we leverage one of the largest sources of consumer and commercial data, along with advanced analytics and proprietary technology, to create customized insights that enrich both the performance of businesses and the lives of consumers.

With a strong heritage of innovation and leadership, Equifax continuously delivers innovative solutions with the highest integrity and reliability. Businesses – large and small – rely on us for consumer and business credit intelligence, portfolio management, fraud detection, decisioning technology, marketing tools, and much more. We empower individual consumers to manage their personal information, protect their identity, and maximize their financial well-being.

Headquartered in Atlanta, Georgia, Equifax Inc. operates in the U.S. and 14 other countries throughout North America, Latin America and Europe. Equifax is a member of Standard & Poor’s (S&P) 500® Index. Our common stock is traded on the New York Stock Exchange under the symbol EFX.

About VeriSign

VeriSign, Inc. (NASDAQ: VRSN) is the trusted provider of Internet infrastructure services for the networked world. Billions of times each day, VeriSign helps companies and consumers all over the world engage in communications and commerce with confidence. Additional news and information about the company is available at www.verisign.com.

About Verizon Business

Verizon Business, a unit of Verizon Communications (NYSE: VZ), is a global leader in communications and IT solutions. We combine professional expertise with one of the world’s most connected IP networks to deliver award-winning communications, IT, information security and network solutions. We securely connect today’s extended enterprises of widespread and mobile customers, partners, suppliers and employees – enabling them to increase productivity and efficiency and help preserve the environment. Many of the world’s largest businesses and governments – including 96 percent of the Fortune 1000 and thousands of government agencies and educational institutions – rely on our professional and managed services and network technologies to accelerate their business. Find out more at www.verizonbusiness.com.

About CA

CA (NASDAQ: CA), the world’s leading independent IT management software company, helps customers optimize IT for better business results. CA’s Enterprise IT Management solutions for mainframe and distributed computing enable Lean IT—empowering organizations to more effectively govern, manage and secure their IT operations. For more information, visit www.ca.com.

From openid.net/2010/03/ 9 25 November 2010

About Booz Allen Hamilton

Booz Allen Hamilton has been at the forefront of strategy and technology consulting for 95 years. Every day, government agencies, institutions, corporations, and not-for-profit organizations rely on the firm’s expertise and objectivity, and on the combined capabilities and dedication of our exceptional people to find solutions and seize opportunities. Providing a broad range of services in strategy, operations, organization and change, information technology, systems engineering, and program management, Booz Allen is committed to delivering results that endure.

With more than 22,000 people, Booz Allen generates $4.5 billion in annual revenue. To learn more about the firm, visit www.boozallen.com.

About OCLC Founded in 1967, OCLC is a nonprofit, membership, computer library service and research organization dedicated to the public purposes of furthering access to the world’s information and reducing library costs. More than 72,000 libraries in 112 countries have used OCLC services to locate, acquire, catalog, lend, preserve and manage library materials. Researchers, students, faculty, scholars, professional librarians and other information seekers use OCLC services to obtain bibliographic, abstract and full-text information when and where they need it. OCLC and its member libraries cooperatively produce and maintain WorldCat, the world’s largest online database for discovery of library resources. Search WorldCat.org on the Web. For more information, visit www.oclc.org.

About Open Identity Exchange

The Open Identity Exchange (OIX) is a neutral, non-profit, multi-channel provider of certification trust frameworks for open identity technologies. OIX was founded by grants from the OpenID and Information Card Foundations and support from companies including Google, PayPal, Equifax, VeriSign, Verizon, CA, and Booz Allen Hamilton. It also includes non-profit members such as OCLC and the OpenID Society. For more information visit www.openidentityexchange.org.

This entry was posted on Wednesday, March 3rd, 2010 at 6:56 am and is filed under News, Press Releases. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site. OpenID UX Summit at Sears Report

Posted at 4:59 pm on March 1, 2010 by jfe

Last Thursday over 60 OpenID advocates met at Sears World Headquarters in Chicago for a full day of discussions on progress to date and future plans for OpenID deployment and utilization.

From openid.net/2010/03/ 10 25 November 2010

There is a summary of the event on the OpenID Foundation wiki. See Twitter coverage of the event with the hash tag #openidux

Who Attended: Companies represented included Sears, NPR, PBS, AARP, MTV, Fox News, Universal Music Group, Kodak, Tribune Interactive, White Pages, OpenTable, Scout24/Deutsche Telecom, GameStop, Bank of America, Yahoo, Google, AOL, Microsoft, PayPal, Facebook, JanRain, Exact Target, Ping Identity, and others.

Updates from the Identity Providers: The session kicked off with presentations by Google (Joseph Smarr), Yahoo (Allen Tom), Microsoft (Angus Logan), Facebook (David Recordon), PayPal (Andrew Nash), and AOL (George Fletcher). Copies of many of the presentations are available on the OpenID Foundation wiki. Some key highlights from these sessions:

• Google is working on providing more API access to its OpenID Services, including Buzz, Portable Contacts, Activity Streams, OAuth WRAP, etc. Their OpenID service will also be certified by the newly formed Open Identity Exchange (OIX) for use on federal government websites.

• Yahoo has deployed an OpenID/OAuth hybrid deployment model for access control to Yahoo data and APIs including Contacts (address book), Yahoo Mail, and Yahoo Updates (Activity Streams). Allen went through a case study of how Yahoo OpenID and OAuth services are being used on Huffington Post and the many benefits to users of this experience. Allen described how Yahoo Updates allows posting back to 300M Yahoo homepage, 300M Yahoo Mail, 90M Yahoo Messenger, and 40M MyYahoo accounts.

• Microsoft reported that they have over 500 million active users across Windows LiveID, Bing, Xbox, HotMail, Messenger, MSN, and Office. They continue to making process in providing ’standards’ based access to user data and services. Angus described how Windows LiveID is currently being used across Windows Live and Xbox. He also discussed MS’ active involvement in OAuth/WRAP, Portable Contacts, OWF, and Activity Stream initiatives.

• PayPal described their work with the federal government in launching an OpenID service for federal websites. Consumer policy and permissioning mechanism based on the UMA model will be integrated into the IDP operation. They are currently working with a limited number of “white listed” commercial websites for deployment of their OpenID services. Organizations wishing to discuss acceptance of PayPal OpenID on their websites are encouraged to contact Andrew Nash.

• Facebook discussed the widespread adoption of Facebook Connect and how they have been accepting OpenID for logins for the past year. They continued to share user experience learnings from building Connect and stressed the importance of developer simplicity around OpenID this year. David demonstrated a killer multimedia demo where

From openid.net/2010/03/ 11 25 November 2010

a video feed dynamically consumed and displayed data from Facebook profiles via Connect.

• AOL reported that they will be upgrading their OpenID Provider service to V2.0 within the next few weeks. George discussed that they are pursuing a number additional enhancements based on emerging standards like XRD and webfinger. In addition, as an existing OpenID 2.0 Relying Party, AOL continues to expand the number of properties that accept OpenIDs.

• MySpace was unable to attend due to some last minute scheduling conflicts. Monica Keller, formerly an OpenID Advocate at MySpace has recently transitioned to Facebook and is now working with David Recordon on open standards initiatives.

Some History and Recommendations: After the updates from the Identity Providers, Brian Ellin, Product Manager at JanRain, chronicled the evolution of OpenID UX. Brian made a number of recommendations to RPs looking to drive adoption and usage of OpenID registration and login:

• Simplify the login and registration flow – rethink the process and optimize it for a third party approach, don’t just bolt it onto your existing page • Avoid lengthy registration forms. Engage quickly, progressively ask for data as needed. Import SREG, AX, and/or OAuth data where possible to pre-populate registration forms. • Remember user preferences and present only the preferred ID provider upon return visits. • Consider a branded button-driven interface, select the ID providers that are most relevant for your user base. • Queue the users right at the register/login link with favicons or other visual images and text that makes it clear that they can use existing accounts instead of having to create an entirely new account. • Placement of elements of the workflow on the webpage can impact adoption and usage • Consider combining registration and login into one integrated service • Use the OpenID UX extension for a pop-up interface that keeps the login process in the context of the host website – avoid the full browser redirect. Use check immediate mode when possible so user achieves a “single click login” experience. • OpenID for mobile applications is great – less typing required, easier to import data for registration forms, no username/password to input. Don’t use pop-up for mobile interface. • Use “verified email” from ID providers when available to eliminate the 2 step email verification registration flow that results in reduced success rates. • Use the OpenID/OAuth hybrid for access to rich user data including friends, address books, photos, etc.

From openid.net/2010/03/ 12 25 November 2010

By implementing these recommendations, Blink182.com saw that 60% of users opted for 3rd party registration over the legacy username/password option. Through a finely tuned implementation that evolved through iterative testing, Universal Music Group’s Lady Gaga website was able to achieve an astounding 89% 3rd party login preference over the traditional username/password option.

“Voice of the Customer” – Input from Website Operators: Next up were Daniel Jacobson from NPR, Rob Harles from Sears, and Jonathan Coffman from PBS representing the “voice of the customer.”

National Public Radio (NPR): Daniel Jacobson, Director of Application Development at NPR, was recently elected to the Board of Directors of the OpenID Foundation and as the Chairman of the Adoption Committee. He reported on goals and priorities of the Adoption Committee for the upcoming year. Daniel’s vision behind these goals is to help position OpenID as a product that will make it easier for website operators to implement while providing a better user experience for the end users. The top priorities supporting this vision include:

From openid.net/2010/03/ 13 25 November 2010

• Increased market research on the needs of RPs, OPs, and end users • Enhancement of the open source libraries • Marketing, education, and promotion • Improved ability to serve non-browser-based platforms, including mobile

Anyone willing to contribute to the discussion on how to increase adoption and usage of OpenID may want to subscribe to the Adoption Committee mailing list.

Daniel also described the research that NPR has been doing with OpenID and that their “end game” is shared identities across all public media. They are currently collaborating with PBS and the OpenID Foundation to determine the next steps in their identity sharing strategy.

Sears: Rob Harles, VP Social Media and Community at Sears Holdings Company, presented a summary of Sears recent deployment on the MySears and MyKmart communities as well as their plans to roll out across all the Sears websites. Rob was recently elected to the Board of Directors of the OpenID Foundation and serves as the Chairman of the Online Retailer Committee.

Rob reported that Sears has one of the fastest growing retail communities, with 400% growth in 2009. They deployed JanRain’s RPX integrated into the Viewpoints community platform to accept third party registration and login from Yahoo, Google, Facebook, MySpace, AOL, Twitter, Windows LiveID, and general OpenID accounts.

Additionally they surveyed their members to find out what drives interest in 3rd party login. The top two motivators were login convenience and the desire to not have to set up yet another username & password for a new account. When asked what would further improve user experience, the top two requests were the ability to share content and photos with friends.

Rob described their objectives as a combination of serving their existing customers better while also reaching out to a broader demographic than their traditional 35 to 53 year old female segment. He said that accepting registrations from a wide variety of identity providers definitely helped to expand their demographic reach.

Public Broadcasting Service (PBS): Jonathan Coffman, Social Media Strategist and Product Manager at PBS, was also recently elected to the Board of Directors of the OpenID Foundation and serves on the Adoption Committee. PBS has launched an OpenID service for use across PBS websites. Next steps for PBS include:

• Enhanced user profiles, including allowing RPs to store extended profile data at the OP • Begin building out the consumer side of system, allowing users to connect with and use their 3rd party accounts across ecosystem • PBS has teamed up with the OIDF to investigate what a Public Media Trust Framework, modeled after the US federal government trust framework, might entail

From openid.net/2010/03/ 14 25 November 2010

• Talking to Stations, Shows, NPR, and companies like Google and PayPal to envision a time when all of this might come together and to create a path forward.

Best Practices and Data Management: Finally, Allen Tom reviewed some best practices including account recovery/reset, attaching multiple identifiers, mobile authentication, and using WebFinger. Joseph Smarr discussed data management including updates on SREG, AX, OAuth, WRAP, Portable Contacts, and Activity Streams. Joseph acknowledged that there are a lot of moving parts and that things are changing quickly, so organizations who don’t have sufficient internal resources or expertise might want to consider outsourcing to a solution provider.

What was especially memorable for this event was the active involvement, questions, and recommendations from existing and prospective OPs. Representatives from Sears, NPR, PBS, AARP, MTV, Fox News, Universal Music Group, Kodak, Tribune Interactive, White Pages, Scout24/Deutsche Telecom, and GameStop provided lots of constructive feedback for the OpenID Foundation and the Identity Providers.

Thanks to the Sponsors: Many thanks to Sears for hosting the event, Google for providing video conference access from DC and Mt. View, and to all the participants who braved the Chicago weather and airport challenges to attend this exceptional event.

This entry was posted on Monday, March 1st, 2010 at 4:59 pm and is filed under Foundation, News. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.

From openid.net/2010/03/ 15 25 November 2010