The group I’m involved with, as my job, has released some software: Appalachian, an OpenID add-on for Firefox 2.x. It’s under a BSD style license. It helps you manage multiple OpenID, and smooth the process of logging into sites using OpenID.
OpenID is a good example of a solution that has lots of benefits and lots of risks. It sits in that part of the risk/benefit plane where our brains don’t like to sit.
It’s great because it has strong adoption drivers: not to hard for web sites to use, not too hard for users to understand, and easy for lots of identity providers to add to their offerings (and more importantly it’s very good for them). So, it’s very likely that OpenID will get a slew of adoption.
It’s risky because it encourages people to adopt a single global identifier; and that’s bad because it makes it easy for arbitrary 3rd parties to aggregate data about them.
The global identifier problem in internet identity systems is a puzzle. If you hang out with Semantic Web people for a while you begin to see a picture of the future were by giving every entity it’s only URI we can then casually make statements about those entities. How many URI denote the same entity quickly becomes a problem to which all the social sciences have something to contribute.
I have a strong opinion about this. I think entities should have more URI, not less; but that it is the nature of our technology that we are likely to rapidly head in exactly the opposite direction. I.e. what I want is entirely in conflict with what I believe very strong forces are going to deliver.
So I’m curious about how to fight back. For example how could we enable users to have billions of OpenID, rather than one (or a handful)? Appalachian is, among other things, a step in that direction.