Google, Microsoft and the OpenID dust-up

By   |  October 30, 2008

There was a time when you could pretty much trust in Microsoft to not do the right thing. But of late it seems that is not always the case.

Take the recent announcements by both Microsoft and Google that they were adopting and integrating OpenID, the open standard single sign-on system for Internet websites.

Microsoft announced on Tuesday that it was adopting the OpenID framework for its Windows Live project and that soon all Windows Live users would be able to use their Live ID to login to OpenID-enabled sites.

A day later, Google announced its OpenID plans, saying that users would be able to use their Google IDs to log in to sites that required OpenID accreditation.

Which sounds like good news for OpenID adoption which has been less than stellar to date. And with more OpenID providers, especially big ones, in the game the chances of OpenID really becoming the default standard for Internet single sign-on are strong.

Unless, of course, one of the big players deviates from the standard. Which is what many people are accusing Google of doing.

The NeoSmart blog writes: “Whatever it is that Google has released support for, it sure as hell isn’t OpenID”. And on Google’s own blog one commenter writes: In my opinion, this looks like basically just another closed, tied-to-one-vendor authentication scheme that just happens to use OpenID internally.” Another writes: “Except it’s not OpenID, is it? It’s GopenID, or GoogleID, or Andro-ID, or some other pointless fork of an existing and well-established standard.”

NeoSmart goes so far as to say that not only is Google’s “OpenID” a “‘departure’ from OpenID, it’s a whole new standard”.

Which is really the crux of the matter. The point of OpenID is to offer a simple and standard method for signing into websites. If Google uses most of the OpenID standard but then adds a couple of extra steps it potentially makes its system incompatible with other systems, and creates a fork of the original protocol. Which is exactly what you don’t want when it comes to open standards.

What is most interesting, however, is just how good Microsoft looks right now. This time it looks as if Microsoft is doing the right thing. And Google is playing the part of “embrace, extend, extinguish” which is typically assigned to Microsoft.

Tags:

Comments

2 Responses to “Google, Microsoft and the OpenID dust-up”

  1. jesus
    October 30th, 2008 @ 9:31 pm

    1. google is breaking an existing standard, which is a mistake. googles version of openID is much safer than the existing standard.

    2. m$ is a openID PROVIDER which means if you have a pre-existing openID it will not be possible to use it. why would they do this? because openID providers control and have access to your openID information.

  2. tracyanne
    October 30th, 2008 @ 11:53 pm

    No Microsoft doesn’t get to control and have access to my OpenID information, as I won’t use it, just as I refused to use Microsoft’s original Passport when I wanted to sign on to Microsoft controlled sites. And when it was the only way to sign on I created separate fictitious personas for each login. In the same way Google gets as little as possible from me, and should I ever have a Google account, or any account that requires OpenID, I will do the same thing. At best they will all have the same email address, but even that is not a guarantee.

Comments are closed