Image by Mac Babs

We were close to announce this once but this time it is final: Spread OpenID will not be updated anymore.

Maybe you wonder about the reasons. Well, when Thomas and I first talked about Spread OpenID back in the summer of 2007, OpenID was – compared to these days – still in rather early development. But both of us were enthusiastic about OpenID already, especially about its promise to provide users with an opportunity to build an online identity independent of any company. However, at that time it was mainly driven by developers and therefore rather technical. There were hardly any resources available for users who wanted to know more about it or tried to choose an OpenID provider.

Spread OpenID should have been such a resource and we had many ideas about the site. Ha, there is even a mindmap somewhere on the net about it. You won’t believe the ideas we had. Hopefully, no one will ever find that map. Anyway, by the time we eventually launched Spread OpenID, the OpenID Foundation also re-launched its website, made it more user friendly, and included some of the ideas we had for Spread OpenID. So in the end we launched with a small provider comparison and a blog accompanying it.

However the blog is also document that things didn’t work out the way we originally thought. We updated it rather infrequently and didn’t add much more resources to the site. The reasons were manifold but the main one was simply time. Both Thomas’ projects and my own blog suffered (and still do) as well. Maybe we were a little bit naive about it. I don’t know.

The inevitable happened, Spread OpenID was on hiatus for a few months in 2008 and we tried to find someone else who was able to continue it with more commitment and enthusiasm. But this failed as well. So we tried to revive it again at the beginning of last year. But this was also just short-lived.

In the end, not only time is still missing but priorities regarding OpenID also changed for us. It’s just not as important to us anymore as it used to be two years ago. We still like it and we are happy about the progress that was made over the last two years. Though honestly, there are also developments we don’t like, e.g. there’s hardly any space for independent providers anymore.

The site will continue to be up for some time. It probably depends on traffic for how long, though. The OpenID Foundation is working on a provider matrix currently, if we got things right. So there will be some kind of replacement for the provider comparison.

To cut a long story short, we say goodbye today. Thanks a lot to all people and blogs that supported and linked to us, most notably Marshall Kirkpatrick at Read Write Web and Chris Messina. Also huge thanks to Cameron King for writing a great article on OpenID and contributing it to Spread OpenID, and last but not least to all readers. Without you we would have stopped much earlier.

Thomas & Carsten

by Edie.P

Happy New Year everyone! We hope you had a great start into 2009 and wish you all the best for the rest of the year. May all your dreams and wishes become true.

And with the new year Spread OpenID is also back. As some of you probably remember – well, just have a look at the posting below – we were looking for a new editor for the site in July. We had some applications since then but either we thought the candidates were not really qualified enough or some didn’t get back in touch. So by the end of the year Thomas and I just had two options left: close the entire site or continue with both of us at the helm. In the end it was a rather easy decision to continue. First, it would be a pity if the information on the site was getting lost and second, OpenID and other open standards like OAuth and OpenSocial are definitely on the rise currently. So more people will look for information on OpenID. We hope to be a source for them.

We have also added a new provider to our provider comparison: Swiss clavid which offers a great number of security features and looks very promising.
Also we have created a Delicious account for Spread OpenID: http://delicious.com/SpreadOpenID We will add interesting and informative bookmarks regarding OpenID and related topics to that account. You can also access the bookmarks via the sidebar.

If you have any questions just get in touch with us.

Spread OpenID needs some updates! Blog post on new services, articles on recent developments in the OpenID community, tutorials, and much more. However I don’t have the time – and probably a lack of motivation as well – to provide those articles. OpenID is gaining attention even outside of the tech blogosphere, it is becoming more user friendly, and also more secure. So it deserves some more, and especially regular coverage on this blog. Cutting a long story short, Spread OpenID needs some dedication and enthusiasm, it needs a new editor.

There are not much requirements for the job:

• You have some basic knowledge about the technical details of OpenID
• You are enthusiastic about it
• You read tech blogs, especially OpenID related ones regularly
• You enjoy blogging
• You like to share your knowledge
• You have some ideas to improve Spread OpenID
• You know English
• You know WordPress

That’s all basically. We can’t pay you but the OpenID community will love you for your efforts. Really!

So if you’re interested, get in touch by email: admin@spreadopenid.org

More than a month has passed by since the last blog post on Spread OpenID. So it’s time to report about two new additions to the comparison page: the Estonian OpenID provider which is linked to the Estonian identity card, and Yahoo!’s OpenID provider.

Both projects are very interesting, we think. Yahoo! is one of the major players on the internet and it is providing a very simple and easy to understand implementation of OpenID. It’s cool to see tutorials and explanations on all steps during the login process.

Estonia certainly offers one of the most progressive projects related to eGovernment. The identity card is the basis of a lot of services: electronic voting, an email address valid for citizens’ lifetime, embedded certificates for encryption, and much more. The OpenID provider is using this identity card as well.

We have also added a contact form on the About page. If you want to add your provider to Spread OpenID, change details of your listing on the provider page, or if you just have some questions, please use that contact form. Thanks!

This post is a complementary article to Cameron King’s great guide for end users. It continues the “How do I use my OpenID” paragraph with some screenshots to make things a little bit clearer. For this purpose ClaimID is the provider and RunLog the website I want to log into – the relying party -, though it could be any other provider and relying party as well. It’s just an example.

Login to the Relying Party

So let’s get started and point your browser to RunLog. On the left of the website you see the login link. You may have realized already that there is no Sign up or Register button or link. The reason is quite simple, though: RunLog only supports OpenID logins and Facebook authentication. More regular sites will probably feature Login and Sign up buttons or links; usually you can go straight to Login because you already have your credentials to login: your OpenID. So click on Login.

Next you see the screen to enter your OpenID. Just do that and make sure to also include http://. Unfortunately that’s not consistent throughout relying parties. Some of them demand http:// and some don’t. If they don’t indicate what to use you will have to try.

After pressing the Login button you will be forwarded to your OpenID provider.

Login to the OpenID Provider

Before using OpenID you have to be logged in to your OpenID provider. In ClaimID’s case I have to login right on the so called landing page. Well, that’s a little bit problematic in terms of phishing because a phisher could redirect me to a fake login screen. Some providers don’t allow logins on that page but demand that you login by a bookmarklet, typing in the homepage in your browser and login from there, use certificates,… If you’re using a provider that doesn’t support those methods it is good practice to login to the provider before starting an OpenID session.

Next you see a screen like the one shown above. It confirms that RunLog is the site you are going to log into and that you can either always trust that site, log in just once or you can cancel the session. If you click on Log in and Trust you will never see that screen again when logging in to RunLog.
Please notice that RunLog also wants to know my nickname, full name and email address. ClaimID has auto-filled that information already by simply getting it from my profile there. This is a really nifty feature of OpenID called Simple Registration, an extension to the OpenID protocol. Though keep in mind that not all providers support it.

Back at the Relying Party

After clicking Log In or Log in and Trust I am forwarded back to RunLog. I am logged in now and email, nickname and full name are auto-filled, too. I can complete my profile now if I want to.

That’s all. Login takes just a few seconds with OpenID especially if you’re logged in to the provider already.