Aswath Rao shot me an emailÂ yesterday asking for my thoughts on his proposal to use OpenID for authentication on phone calls.Â He was reacting to Martin Geddes’ Conversational Vignettes, which pointed out, yet again, the need for an identification scheme for voice networks.Â
OpenID is a decentralized, and free framework for user-centric identity.Â The idea is pretty simple.Â You can use a URL to identify yourself, and the identity mechanism is fully distributed.Â Visit a web-site you haven’t been to before, type in your URI, and have it validated by an identity provider you have visited.Â You can even be your own identity provider. Aswath proposes attaching an OpenID to your SIP URI.
Holes?Â Well, as Phoneboy pointed out, there is no trusted authorityÂ required in the spec.Â But, according to the website, Verisign can provide that.Â Moreover, because it’s open and distributed, why couldn’t your employer, the local police station, your phone company or your churchÂ vouch for you?
I like it.Â It seems practical, and grounded in the real world to me.Â Over the holidays, I am going to check into whether there’s a WordPress implementation available, and try it out here.