OpenID and Identity Services
By Nishant Kaushik on May 05, 2008
In response to my previous blog post about identity services, I received the following question from Billy:
"isn't this what OpenID aims to do? If not, how not?"OpenID can be a small (but key) part of the identity services story. The main problem that OpenID tries to solve is one that most people who use the internet extensively face - that of too many usernames and passwords. Instead of having to remember a username/password combo for each website I interact with (Google, Yahoo, Flickr, Magnolia, banking websites, blogs, etc), I can set up and use a single OpenID account at all those websites instead. OpenID also hopes to provide a number of technological advantages to the whole authentication experience by figuring out ways to prevent phishing and pharming attacks.
So OpenID's main aim is at providing a secure, scalable solution for the authentication service in the identity stack (see below for the latest diagram of the identity services stack, or read our whitepaper on the subject). To a lesser extent, it also hopes to help the identity provider and authorization services by becoming a transport container for identity claims that drive these services.
Identity Services Stack