Our next project will support OpenID which, as I mentioned before, rocks!

There are a couple of flaws with it though. First, it’s only an identity service so there is no way to know if the person is trustworthy. All you know is that they own the ID. Second, it’s missing an email address, so if you want to contact that person you can’t (i think).

Well there is one service out there that offers an open reputation platform for email called rapleaf. We use them on junkdepot and it works wonderfly!

I think it would be amazing if rapleaf offered support for open id’s that way you could tie a reputation to the identity and even an email (via the rapleaf api).

All they would need to do is extend their api to support lookups by openid and allow users to claim an openid on their rapleaf profile.

I sent them an email asking if they plan to do it. I’ll let you know what they say… here’s hoping!

It’s the age old problem… I have at least 50 user accounts on different web sites; del.icio.us, gmail, digg, etc… All of them with similar usernames and passwords. How nice would it be to have a single login that I can use to identify myself uniquely to any site or service. Enter the “new” OpenID standard and yet another great idea by the folks at SixApart. I know it sounds like microsoft passport but this is different because you can control every aspect of it, you can even run your own openid server.

With OpenID you’re user name becomes your website or blog url (if you have one). If you don’t have a blog or want one you can sign up with an openid provider.  So if you see a comment on your blog from “3.rdrail.net” you can be sure we added it. If you see comments by “3.rdrail.net.somespammer.com”, it should be obvious that we didn’t.

Again, our OpenID is 3.rdrail.net, if you goto our site and look in the head tag you’ll see the following:

<link rel="openid.server"
        href="http://www.myopenid.com/server" />
  <link rel="openid.delegate"
        href="http://tjake.myopenid.com/” />
  <meta http-equiv=”X-XRDS-Location”
        content=”http://www.myopenid.com/xrds?username=tjake.myopenid.com” />

This redirects a OpenID enabled service to my OpenID provider.

So if I use a openid enabled service, I enter my domain which proxies to my openid provider. Once I login to my OpenID provider and an openid persona (registration details) are sent along to that service.

This is under my control, I can deny services from accessing my persona, change my OpenID provider at anytime or run my own OpenID service. Thats why it rocks. It’s simple for newbies but experts have complete control over their own service.

You can be sure that our next project will include OpenID integration (We’ll try to add it to junkdepot.com too!)