An interesting arrival at the identity party: OpenID. It’s simple, so it might spread fast.
This is a design that works with the existing web infrastructure. No need to update the installed base of client software. Good, that’s a nearly immovable object.
The usage scenario is straightforward. A random anonymous visitor wanders into a suspicious site. The suspicious site would like to know more about this visitor. It asks the user for the name of some site that can vouch for him. The user enters a domain name. The suspicious site fetches the home page of that domain. Secreted away in the header of the home page is information about where the suspicious site can go to have a conversation with the vouching site. Using that info the two sites can then work with the user to make everybody happy.
It’s a nice design because the user explicitly reveals the name of the vouching site he’d like to use.
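The discovery step in the scenario above, sketched as an added example (it is not code from OpenID or from this post). It assumes the `openid.server` and `openid.delegate` link relations that OpenID 1.x places in the page head, which the post does not name; the sample page, hostnames, and the https-only rule are constructed for illustration.

```python
from html.parser import HTMLParser
from urllib.parse import urlparse

# Constructed sample of a vouching user's home page (hostnames are made up).
SAMPLE = """<html><head><title>home</title>
<link rel="openid.server" href="https://vouch.example/openid">
</head><body>
<p>guest comment: <link rel="openid.server" href="https://other.example/x"></p>
</body></html>"""

class HeadLinks(HTMLParser):
    """Collect <link rel href> pairs, but only while inside <head>."""
    def __init__(self):
        super().__init__()
        self.in_head, self.closed, self.links = False, False, {}

    def handle_starttag(self, tag, attrs):
        if self.closed:
            return
        if tag == "head":
            self.in_head = True
        elif tag == "body":
            self.closed = True          # a body start also ends the head
        elif tag == "link" and self.in_head:
            a = dict(attrs)
            for rel in (a.get("rel") or "").lower().split():
                if a.get("href"):
                    self.links.setdefault(rel, a["href"])  # first one wins

    def handle_endtag(self, tag):
        if tag == "head":
            self.in_head, self.closed = False, True

def discover(html, allowed_schemes=("https",)):
    """Return the vouching site's endpoint from the page head, or None."""
    parser = HeadLinks()
    parser.feed(html)
    server = parser.links.get("openid.server")
    if server is None:
        return None
    url = urlparse(server)
    # Assumed relying-party policy, not part of the protocol: https only.
    if url.scheme not in allowed_schemes or not url.hostname:
        raise ValueError("rejected endpoint: " + server)
    return {"server": server, "delegate": parser.links.get("openid.delegate")}

if __name__ == "__main__":
    print(discover(SAMPLE))
```

Only the link in the head is honoured; the one in the page body is ignored, so content that lands in the body of the home page cannot redirect the conversation to a different vouching site.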
The spec could use some careful security review. The design is currently silent on why the suspicious site would trust the vouching site. The design lacks any tools for fine-grained control over what’s revealed about the user, and the distribution of that info.
The usual scheme to bootstrap finding the vouching site is to use a shared cookie; this is a nice alternative. The server in your basement might be able to play the vouching role. That’s something geeks like in a design.