The partner sites can also use the DandyID API to find other friends on each network based on their DandyID profile. Certainly sounds more interesting than say the "defaults" on Twitter.

I had a chance to meet with DandyID co-founders Sara Czyzewicz and Arron Kallenberg — check out our video below. They also discuss the API contest where developers can win a bunch of prizes by creating an interesting build on top of DandyID.

The real benefit is that users would no longer need to give third-party apps their username and password. Issues like we saw with TWPLY wouldn’t happen again.

Payne notes, "In the closed beta period, participants will be able to create and manage an unlimited number of OAuth applications. Any user will able  to access these applications, but only participants will be able to create them. More documentation forthcoming."

There has been a lot of talk from developers who want to see Twitter support the protocol. No word has been provided on how long the beta period will last or how many beta participants will be accepted.

Update: Well that was quick. The beta application period is closed due to overwhelming response.

Elected to serve two-year terms: Snorri Giorgetti, Nat Sakimura, Chris Messina, David Recordon. Elected to serve a one-year term: Eric Sachs, Scott Kveton, Brian Kissel. All positions will begin on January 1, 2009.

OpenID has a tough road ahead. I’ve written about the need for better marketing and more usability in the past and my concern stands today. OpenID now faces the mega-monster of Facebook Connect. Facebook Connect offers something OpenID doesn’t: traffic. Facebook Connect provides bloggers and application developers a way to get more visibility and potentially more traffic for their stories and applications. It’s more likely that the average Internet user will understand the Facebook Connect process than the OpenID process. This is why OpenID must focus on marketing and usability more than technical standards at this time. 

(note, due to massive spam hitting this story, I’ve had to close the comment form. If you have a comment, send it in via the feedback link above and I will add it. Apologies in advance.)

MySpace, Flock and Vidoop jointly developed OpenID for Flock which should help the Flock browser gain additional user adoption. OpenID for Flock is now available to all Flock 2.0 users as an alpha extension — my hope is that it becomes part of the default install over time. The companies note, "The MySpace, Flock and Vidoop (OpenID) implementation is a reference design released as open source under GPL, and as such, modifications by developers will be brought together and shared with the wider open source developer community."

Perhaps today’s announcement will push the other major browsers (IE, FF, Safari, Opera, etc.) to start looking at implementing OpenID into the browser as well. I am not talking about an extension or plugin, but rather a full integrated environment. If OpenID is going to gain in popularity and usability, it’s critical that using an OpenID login as easy as possible.

With all of the talk over the last few days about Facebook Connect, it sure does look like eventually we will have an old-style Western duel setup. Facebook Connect vs. OpenID – let’s get it on!

From my own experience I am hesistant to create accounts at every online merchant. If I have the option to purchase products without the account creation step, I typically go for it. I would rather type in the required information again in the future. There is no specific reason why I don’t want to create accounts all over the place — maybe I just want to keep the number of accounts I have low.

What about OpenID?

Online merchants should implement OpenID. I could then provide my details like my address, phone, etc. only to my OpenID provider. There are a number of extensions to the OpenID protocol which support this type of account: Simple Registration and Attribute Exchange (also see Dennis Blöte’s excellent article on the topic). Both extensions allow transfer of profile data from an OpenID provider to a relying party, e.g. a merchant. The first time I confirm my OpenID to a merchant, the merchant will ask for ask to retrieve the data. If I accept, all future authentication requests will be made automatically.

So what happens if my address changes? Before OpenID, I have to change my address in every merchant’s database. I think that’s unnecessary. Merchants don’t even have to store that data thanks to Simple Registration and Attribute Exchange. Assuming my address changes I will update it at my OpenID provider. When returning to a merchant it simply asks my provider for the necessary details again and the updated information is provided to the merchant. It’s really that simple: the merchant will always have updated data but doesn’t have to store it and doesn’t even have to ask me for it. When the products are delivered and paid, it can delete my data.

Recommendations

Can online shopping be even more convenient? Yes, and here APML immediately comes to mind. It collects users’ attention data and their interests, e.g. their favorite music or movies. Just think of Amazon’s recommendation system. The data is stored in a file which can be shared and parsed by any services that support the APML standard.

The APML file can be stored anywhere. Why not at my OpenID provider? A merchant could ask for that file and, upon request, it gets transferred. Once the file is transferred, I would get recommendations based on my attention profile even if it’s the first time I visit the shop. For example, A music merchant could access my APML file which contains all the music I have listened to on Last.fm. And that’s the difference with Amazon which can only recommend products to me if I have already purchased products on Amazon.com or have surfed the site in detail. A shop supporting APML can provide the same thing immediately.

After I make a purchase at a merchant who accepts APML, it would be great if they would update my APML file and then send the updated file back to my OpenID provider. I have no idea how to make this work, just seems to make sense. Maybe OAuth is a solution or even Attribute Exchange as it is capable of storing data at the OpenID provider.

Conclusion

I think OpenID could really help make online shopping more user-friendly. There are benefits for both customers and shops. Customers don’t have to deal with registration processes anymore and get better recommendations for products they might be interested in. Shops will always have more accurate customer data and with APML support they could even boost sales because customers are only shown relevant products. Merchants can also save money on data management.

This article was authored by Carsten Pötter. Carsten blogs about OpenID and related topics from an end-user perspective at notsorelevant.com.

Janrain explains how this new verification service works, "This phone-based authentication service can use any phone (mobile or landline) as a second authentication factor. The user enters a myOpenID username and password as usual, then simply answers an automated instant telephone call and presses #. This completes the authentication process. Complete two-factor authentication and identity protection is instantly enabled with no need for tokens, smart cards or certificates. CallVerifID is currently available for free to myOpenID users and as an additional service for business clients provisioning OpenIDs to both customers and employees."

This works with myOpenID as the OpenID provider and can work with other OpenID providers as well. myOpenID always runs in SSL secure mode which keeps the security level on high. Audit trail that will alert users to unauthorized access to their account. To signup, go to myOpenID and select CallVerifID as the authentication provider.

Last month JanRain launched the OpenID selector which is a way to easily login without having to remember the OpenID username string.

I spoke at length with the group leading the OpenID charge, Janrain’s Brian Kissel and Tore Steen last week. I enjoyed chatting with them as I find OpenID to be a powerful vehicle and it’s interesting to learn what’s going on from their side. From my side, I am starting to believe that we don’t need to market the term ‘OpenID’ to consumers. No one cares about the technology, they only want to login to their favorite service using their AOL or Google id. It’s like TCP/IP, no one cares how it works, just that our email shows up in the inbox and Twitter loads when we want to tell our friends we just saw Britney at CVS. I’d still like to see a browser plugin that allows me to login once and passes the info around as needed – that’d be super hot.

With that said, this OpenID Selector is a great first step towards mainstream adoption. Rafe Needleman at Webware has some additional commentary on the release.

The OpenID Foundation was formed in June 2007 to support and promote the technology developed by the OpenID community. Members includes individuals, students, non-profits, startups and industry giants that have come together to develop and promote open identity management on the Web.

The OpenID Foundation also released some stats related to adoption and usage. More than 10,000 Web sites support OpenID log-ins, and an estimated 350 million OpenID enabled URLs currently exist.

I continue to stand firm that what OpenID needs is marketing more than technology. Yahoo’s implementation of YahooID last week is a good move towards adoption of OpenID across the Web.

Update: Mike Arrington notes that everyone wants to be a provider to "own" the user. This is a good point and certainly a reason why these big names are joining up quickly. First one in the pool wins!

So who will be next to signup? Facebook? MySpace? Fox Interactive? IAC? I am guessing this will now move as the DataPortability group is moving forward in terms of corporate registrations.

Check out all of our video coverage of the Internet Identity Workshop last year.

This could help to lead rapid adoption of the OpenID initiative as average Internet users have no idea how to setup or use an OpenID, but using their Yahoo ID is nice and easy. Mr. Ostrow agrees with my take.

I still believe that if OpenID is going to work, it’s going to take better marketing and adoption strategy rather than more technical rollouts. It’s a great idea, but without marketing force and education behind it, OpenID won’t go anywhere.

There is a flip-side to using a company as your OpenID provider versus creating your own. What happens if the provider (Yahoo in this case) goes out of business, changes policies that you don’t agree with or you just want to switch? How easy will this be?

Technorati has announced

I am pretty sure I would never use my Technorati profile to authenticate as an OpenID provider, but it’s a good marketing bit. It’s a good way to show that your profile could be used in this manner — something many might not know about (I didn’t). Technorati also began supporting OpenID for profile creation in October 2007.

Another update they have made over the past day which I do find beneficial is the addition of a URL link on the authority pages. In the past, some of the headlines linked directly to a site, but the majority of the time, the story linked to the site’s Technorati profile. This was a huge frustration factor for me as I want to see what the site says about me or a client, not the site’s profile page. Now (as shown below) they have the link to the profile and directly below it the full URL linked to the actual site. Bravo!

• For Sh** he calls out: Digg, Netvibes, Last.fm, PBWiki, MyBlogLog, Technorati and Wikipedia.
• For Hit he calls out: Satisfaction, Twitter, Drupal, Plazes, Pounce, Ning, LinkedIn, SlideShare, TripIt, Blip.TV, Viddler, YouTube, Wordpress and Pandora.
• For Wish he calls out: Facebook, Yahoo, Microsoft, Google, Mozilla, MySpace, Hi5, Bebo, Orkut, and Adobe.

Basically any internet company that has more than 100 users he has put in one of three categories. Just a thought but will companies start supporting OpenID when there’s a reason for them to? Sure Janrain told me that it’s easier to implement OpenID than create an authentication scheme but what startup today would go OpenID only? Are there any? I certainly haven’t come across any hard reasons yet. This is not to say I don’t like OpenID, I do. Having one authentication for every startup I review would save me hours per week and frustration as well.

OpenID needs marketing first, outside of the tight MessinaCircle®, I don’t hear OpenID discussed on a regular basis. We need to get the conversation moving past the circle and then it might have a chance. That or Google says only OpenID from now on. That’d do it too.

After a fascinating, information overloading, three days at The IIW (Internet Identity Workshop) in Mountain View, California, we are finally back in NYC. The workshop was a conglomerate, a who’s who; of some the brightest minds in Internet Identity Technology from across the globe. There were representatives from every end of the digital spectrum; from non-profits to some of the largest corporations in the world, all collaborating in synergy to discuss how to advance online identity. Ultimately with everyone sharing the same common goal; to try and make online identity easy to understand and manage for every Internet user. One of the most important features of this conference is that there is no predefined agenda. All topics and seminars are created on the fly and can be initiated by anyone in attendance. This unique formula allows for one discussion topic in one seminar to lead to an entirely new seminar on any of the evolving relative issues.

The BeenVerified.com team was in attendance to attain and exchange knowledge and see if there was anyway for us to educate the general public on some of the various protocols, projects, and companies involved. So we figured what better way then to hear explanations from the leaders of these initiatives themselves. Here is our video diary of a number of really exceptional forward thinking individuals.

Phil Windley and Kaliya Hamlin, Internet Identity Workshop 2007b

Phil Windley and Kaliya Hamlin discuss online identity and what the Internet Identity Workshop is all about.

David Recordon – Six Apart, OpenID

David Recordon from Six Apart and Vice Chair of OpenID foundation discusses OpenID.

Josh Levy, CEO and Co-Founder of BeenVerified.com

Josh Levy, one of the co-founders of BeenVerified.com, talking about what BeenVerified does and why IIW is so important.

Eran Hammer-Lahav and Chris Messina, OAuth

Eran Hammer-Lahav and Chris Messina discuss the highly anticipated release of the OAuth 1.0 spec and what OAuth helps to solve.

Mike Jones, Microsoft/Cardspace

Mike Jones discussing the features and benefits of Microsoft’s CardSpace and Information Cards.

Joseph Smarr, Plaxo

Joseph Smarr from Plaxo talks about the open web and what Plaxo is doing to make online identity easier to use across the social graph.

Terrell Russell, ClaimID

Terrell Russell of ClaimID.com talks about what ClaimID does and how it helps people take control of their online identity with respect to search engines.

Michael Graves, CTO, JanRain, Inc.

Michael Graves, CTO of JanRain, Inc., discusses JanRain services and OpenID.

Paul Trevithick – Higgins Project

Paul Trevithick is the co-team leader at the open-source Higgins Project. Here he details how Higgins contributes to the open source information card project.

Drummond Reed, XRI/XDI/iNames

Drummond Reed defines XRI and XDI, a new approach to identity identifiers on the web through the use of i-names.

Pamela Dingle – Pamela Project

Pamela Dingle discusses the efforts the Pamela Project has developed to easily integrate Information Cards into any website or community.

Ashish Jain, Ping Identity

The Director of Technology, Ashish Jain, from Ping Identity discusses what Ping Identity brings to enterprises and the online identity world.

Janrain noted today – OpenID 2.0 offers an improved user experience for consumers and reduces Web application development time by up to 30-40%.

New features for users include:

• Security Improvements – Heightened authentication procedures dramatically reduce the risk of identity theft and phishing attacks.
• Attribute Exchange – Enables OpenIDs to transport detailed profile information including frequent flyer numbers, calendar information and favorite books and movies.
• Directed Identity – Individuals who wish to maintain more than one profile now have access to single sign-on without the using the same OpenID on each site.

New features for developers include:

• Ubiquitous Library Support – Application developers benefit from high-quality library support available from JanRain and other vendors for all popular languages and platforms.
• Extensible Discovery – XML based OpenID discovery. Rich service content available at OpenID service endpoint.
• Extensions – Formalized extensions enable new technologies such as Attribute Exchange.
• Identifier Recycling – Formal policies and procedures now exist to handle expired OpenIDs.

We spoke about the technology side of OpenID 2.0 for half the call, and the marketing/outreach side for the other half. Here are my notes from the call. And please read Marshall Kirkpatrick’s article on making OpenID easy.

OpenID 2.0 is more secure with better cryptography than the previous releases. Larry kept hitting on the point that the 2.0 release will have actual documentation which is a good thing. I hear there are several hundred pages of documentation. Available on the Kindle?

OpenID 2.0 comes with identifyer recycling – Larry noted that the largest Internet players (msn, aol, etc.) can often run out of logins, and OpenID 2.0 fixes this as it allows the providers to reuse the logins as needed.

Directed Identity is another new feature. Basically what this allows a site to do is to associate a person’s OpenID login with other accounts to build a reputation level. This is pretty cool – could be the reputation system we’ve been speaking about for ten years now.

There are 160 million "enabled" users – this includes any AOL user. Of course this is not the same as "active" users – the 160 million refers to accounts that could be used with OpenID.

Apple’s Leopard operating system comes with built-in OpenID libraries. This is the first time that an OS comes with OpenID built into the core.

We briefly spoke about Pibb and Larry noted, "We believe communication is the killer app of the Internet and the current crop of communication tools has stalled on features and functions." Pibb has 8000 users and they are working towards a 2.0 release early next year. Naturally it will be rich in OpenID functionality.

One of the things I asked about is why there is no browser plugin with OpenID built-in. This way, when I hit a site that uses it, it automatically logs me in and gets everything setup in the background without any work on my part. Larry said there is a plugin in the works for Firefox called "Seatbelt" and it’s created by Verisign.

There is talk that Google and Microsoft will begin supporting OpenID as well. Google announced yesterday that Blogger now supports OpenID for commenting.

Fine, the technical side of OpenID 2.0 is set and ready-to-go. It’s hot. Now, what I’d like to see is marketing staff added to the project. Let’s make this a bit sexier, and way more consumer-friendly. I’d love to see OpenID camps only for marketing. OpenID has to become as common a term as Google is for searches or iPod is for music devices. When we reach this point, the 160 million enabled users will actually become active users. And then instead of focusing our time building "YALS" (yet another login system), we can focus on building great applications and let the login be handled by OpenID.

While startups have been popping up left and right for over a year, most of the startups create their own user system. Which means that on almost every cool new startup's site, you have to create and manage a new account. OpenID is a decentralized identity system which allows you to create one single account and use it all across the web.

So what do I mean when I say 'decentralized identity'? Basically, you can host your identity on any server that you choose, whether you put up your own or use alternatives like myopenid.com. This means that if you want to keep your information away from individual websites you can use your OpenID account and login safely without giving your information away.

This is one of two reasons why OpenID is booming right now. Not only does it keep a lot of your information safe it also makes being a big time web service user much easier to manage. As I mentioned before you only have to manage your one account and you're all set.

Having a service such as this, where you can create your single account and use it everywhere has been a hard thing to accomplish, or at least make successful. The hard part about it has been the adoption process. Getting large well known sites, to implement the OpenID system hasn't been the easiest task, but now there are companies jumping on the bandwagon. The main reason for this is that it costs virtually nothing to implement and many people would like to use their OpenID accounts.

Though it may be too early to call I think that OpenID is going to be a huge success. It is really in the adoption phase at the moment, and I think that if people keep getting excited about having a decentralized account for all of their web accounts, more companies will continue to integrate it into their web services.