Simon Willison’s Weblog

HTML 5 vs. Yadis. The draft HTML5 spec currently disallows values for http-equiv and link rel which aren’t listed in the spec—meaning both methods of specifying a link to an OpenID server are invalid for HTML5. This should probably be fixed... # 19th April 2008, 4:35 pm

PayPal Plans to Ban Unsafe Browsers. At first I thought they were going to encourage real anti-phishing features in browsers, which would be a big win for OpenID... but it turns out they’re just requiring EV SSL certificates which have been proven not to actually work. # 19th April 2008, 10:45 am

OpenID for Google Accounts. Google App Engine integrates with Google’s user accounts, so Ryan Barrett (of Google) used it to build an idproxy.net style OpenID provider. # 9th April 2008, 1:09 am

OpenID and Spam. Matt Mullenweg: “OpenID has a ton of promise for the web—let’s not hurt it by setting people up for disappointment by telling them it’s a spam blocker when it’s not.” True for the case of general registration, but I still believe whitelisting known OpenIDs could be a powerful tool for fighting spam on personal sites. # 2nd April 2008, 7:33 pm

Interviewing Simon Willison about OpenID. I sat down with Vikram Kumar at Webstock to talk about OpenID, and the video is now online. # 30th March 2008, 6:40 pm

The real roadblocks to data portability on social networks. A bunch of smart questions posed by Facebook’s Dave Morin. This is why I think data portability is the wrong framing—moving data between sites is really hard. Importing social relationships between sites is much more viable (hence my interest in social network portability). Also, the complaints about systems sharing e-mail addresses are neatly addressed by using OpenID as the GUID for a user instead. OpenIDs can’t be spammed. # 26th March 2008, 7:53 pm

Clickpass. Peter Nixey’s new OpenID startup has finally launched—does a great job of making OpenID more approachable with a clean, well designed UI and a neat orange button. # 11th March 2008, 4:47 pm

A proposal: email to URL mapping. Brad’s just too damn smart. A simple solution to mapping an e-mail address to an OpenID that takes advantage of existing technology (YADIS) and doesn’t adversely affect e-mail privacy. # 8th February 2008, 11:39 am

Interview: Simon Willison on OpenID. Christian Heilmann interviewed me for the YDN blog. # 3rd February 2008, 10:18 pm

Yahoo! OpenID Provider service now available as a public beta. This actually happened a few days ago, but I’ve been offline for the past week travelling to New Zealand and attending Kiwi Foo. # 3rd February 2008, 10:17 pm

Telegraph to become OpenID provider (via) “The Telegraph will soon become the first newspaper in the world, and the first British media company, to become an OpenID provider.”. Didn’t see that one coming! # 21st January 2008, 2:43 pm

Yahoo! supporting OpenID 2.0 but not 1.1. Yahoo!’s Allen Tom outlines the reasons Yahoo! are supporting OpenID 2.0 but not OpenID 1.1. # 19th January 2008, 9:10 am

Yahoo! OpenIDs are the same for all RPs. I had assumed that Yahoo! would be using directed identity to provide a different OpenID for each user/site combination, to prevent correlation of accounts. I was incorrect; they’re just using it for easier sign-in, with the same auto-generated URL used for every site. # 19th January 2008, 9:05 am

New feature: Blogger as OpenID provider (via) You can now enable your Blogger blog as an OpenID. # 18th January 2008, 1:38 pm

openid.yahoo.com. Yahoo!’s human readable guide to OpenID, complete with tour. It looks like they’re relying on the “sign-in seal” to protect against phishing. # 17th January 2008, 2:35 pm

Yahoo! Announces Support for OpenID. Here’s the official press release: “Yahoo! Support Triples Number of OpenID Accounts to 368 million”. Directed identity gets a mention; it’s going to be enabled for www.yahoo.com and www.flickr.com. The public beta starts on January 30th. # 17th January 2008, 2:29 pm

twauth: simple mobile openid using twitter (via) Brilliant proof of concept by Ian McKellar: an OpenID provider that authenticates you by sending you a Twitter direct message. # 14th January 2008, 10:28 pm

Flickr to Authenticate OpenID. Flickr /photos/username/ pages are now (almost) OpenIDs—they point at a new Yahoo!-wide OpenID server, but it hasn’t been switched on yet. It’s OpenID 2 only, presumably so Yahoo! can protect their users’ privacy by using directed identity to hide individual screen names. # 7th January 2008, 10:48 pm

OpenID and Google’s Blogger. Blogger gets it wrong by displaying a nickname derived from the OpenID URL (in Malcolm’s case, “blog”) instead of the user entered nickname. # 30th December 2007, 10:35 am

James Henstridge: OpenID 2.0. Excellent description of the new features in OpenID 2.0, including a clear explanation of directed identity and attribute exchange. # 7th December 2007, 11:53 am

Thanks to OpenID and OAuth, the Open Social Web is Beginning to Emerge. My blog’s OpenID powered watchlist and “your comments” features got a write-up on Wired! Nice to know that someone has noticed them. # 7th December 2007, 12:57 am

DiSo: Distributed Social Networking applications (via) New project to prototype a decentralised social network on top of WordPress, using OpenID, microformats and social whitelisting. # 6th December 2007, 5:48 pm

OpenID 2.0 Final(ly)! Launched at the Internet Identity Workshop. The most interesting feature is probably directed identity, which goes a long way to solving some of the usability issues involved in users having to enter their own URLs. # 5th December 2007, 9:01 pm

Call for Participation for XTech 2008. XTech 2008 will be in Dublin, Ireland from the 6th to the 9th of May. Lots of really interesting topics in the CfP (OpenID, OAuth, Comet, CouchDB...)—deadline for submissions is the 25th of January. # 5th December 2007, 3:28 pm

Blogger: OpenID commenting (via) I may be wrong, but I think this is the first Google property to support OpenID in any way. # 30th November 2007, 7:10 pm

Portable Social Networks: Take Your Friends with You. Brian Suda explains how OpenID, XFN and hCard can be used together to bootstrap portable social networks. # 23rd November 2007, 11:56 pm

Giant Global Graph. Tim Berners-Lee points out that the Semantic Web is designed to solve problems such as portable social networks. # 22nd November 2007, 12:30 am

How will OpenID change your site? Excellent introduction to OpenID by Peter Nixey—includes some really nice analogies for explaining both the concept and the implications. # 7th November 2007, 10:41 am

MyOpenID adds Information Card Support. First client SSL certificates, now Information Cards. MyOpenID is certainly taking browser-based phishing solutions seriously. # 18th October 2007, 9:10 pm

OpenID.net has been redesigned. Love the new look—much cleaner and easier to understand, and it now gives people looking to get themselves an OpenID somewhere to go. # 9th October 2007, 2 am