Aswath Rao shot me an email yesterday asking for my thoughts on his proposal to use OpenID for authentication on phone calls. He was reacting to Martin Geddes’ Conversational Vignettes, which pointed out, yet again, the need for an identification scheme for voice networks.Â
OpenID is a decentralized, and free framework for user-centric identity. The idea is pretty simple. You can use a URL to identify yourself, and the identity mechanism is fully distributed. Visit a web-site you haven’t been to before, type in your URI, and have it validated by an identity provider you have visited. You can even be your own identity provider. Aswath proposes attaching an OpenID to your SIP URI.
Holes? Well, as Phoneboy pointed out, there is no trusted authority required in the spec. But, according to the website, Verisign can provide that. Moreover, because it’s open and distributed, why couldn’t your employer, the local police station, your phone company or your church vouch for you?
I like it. It seems practical, and grounded in the real world to me. Over the holidays, I am going to check into whether there’s a WordPress implementation available, and try it out here.
Alec Saunders is the Vice President of Developer Relations for BlackBerry make Research in Motion. This is his personal blog, with his personal viewpoints. Prior to this Alec was the CEO and co-founder of Calliflower — the easiest way to hold a meeting, online, on a conference call, or on the go. A double-decade veteran of product management and marketing, he spent nine years at Microsoft where he helped launch Windows 95, the first two versions of Internet Explorer, the Universal Plug and Play initiative, the push into home markets, opt-in email marketing and what might well go down in history as the very first direct email list ever.
{ 4 comments… read them below or add one }
VoIP with OpenID is a great idea. We keep seeing new applications for it that solve really specific problems for different verticals. Its amazing what an extremely thin layer of identity (in OpenID’s case, really just authentication) can do for so many different applications.
As for the WordPress plugin, there is a great one here:
http://verselogic.net/projects/wordpress/wordpress-openid-plugin/
Although the site appears to be down at the moment. I’m using it on a few sites and its just great. FYI.
There is a Wordpress OpenID implementation available
Anything that de-couple authentification/authorization from the address handle used in the communication potocol is welcome.
The slight drawback I would see today is the binding to HTTP in the negotiation… This is very web oriented.
In short, the principle of OpenID is definitivly interesting, but may need to ba adapted to communication protocols. That should not be difficult.
As a matter of fact this may be also of interest http://openid.xmpp.za.net/
Yes, I think that OpenID is a cool idea for VoIP applications.
{ 3 trackbacks }