Wednesday, April 23, 2008

Data Portability, OpenID, OAuth and the Enterprise

This session was led by Marshall Kirkpatrick of ReadWriteWeb.
The panel included: David Recordon Artur Bergman Joseph Smarr
Danny Kolke.
OpenID is authentication
OAuth is authorization.
OAuth overcomes the problem of having to give your password for one site to another site to allow them access to some of your data.
Microsoft has CardSpace for authentication in Windows Vista but Microsoft has announced support for OpenID.
OpenID differs from Liberty Alliance or Passport in that no company owns the technology since it is an open source technology.
OpenID is very simple and even in newer implementation it is still simpler than enterprise derived solutions that start out with great complexity. OpenID is technology agnostic.
David Recordon took us in to some geekier examples. Imagine an example where Free/Busy calendar information could be shared across companies and platforms by combining OpenID, OAuth and hCard/hCal in to a more sophisticated service.
The consumer internet companies have proven to be very good at building for scale and building for adoption. OpenID, OAuth and other protocols are benefiting from this expertise.
Higgins integrates with OpenID and is being supported by IBM and others.
OpenID has been around for 3 years and is growing rapidly in adoption. OAuth is much newer but the evolution is happening even more quickly.