Content, as a concept, encompasses a wide area. It could be a newspaper article, a radio program, a TV show, a spreadsheet or presentation. Creating and managing content has been one of the primary purposes of computers, ever since they came into existence.

With the rise of the Internet, and particularly social networking, there has been a renewed focus on people and the role they play in a system. Proper emphasis on individuals and groups makes collaboration more efficient.

One of the problems surrounding identity in the past has been the lack of a widely adopted standard. This has made it very difficult to build solutions that are interoperable. Thankfully, OpenID is gaining traction, along with usability improvements through EAUT and other initiatives.

Underlying OpenID, the XRD specification, emerging from earlier work on XRDS-Simple and Yadis, will tie people and content together through services that allow interaction among the two.

There is a lot of work remaining, but its conceivable at this point to envision a future where signing up for a service is as simple as entering your email address and approving access. When the mesh realizes that level of usability, innovation will both flourish and be self-reinforcing.

Developers would be well advised to pay attention to these standards. Integrating these technologies will allow software to participate in the larger web-based ecosystem, both deriving and yielding benefits from and to the whole.

As I noted in my comment:

The standards are all coming together. In my mind, the flow looks something like this:

1. People become directly addressable (i.e. through email addresses).
2. Programs dereference the email address and get an XRD document, which identifies associated services.
3. Programs interact with the discovered services to publish and subscribe to content.

For example, I use http://jaredhanson.net to sign on to sites that support OpenID. Being a geek, I’m comfortable with using my URL to identify myself. However, the general public is accustomed to using their email addresses.

Toward that end, Michael Richardson of Vidoop has launched Emailtoid, a service which will allow people to sign on using email addresses rather than URLs. Chris Messina has the complete rundown.

Because I’m intrigued by the inner-workings of OpenID, I poked around a bit. Here’s what I found…

First of all, its important to realize that Emailtoid will only work when logging on to sites that support it. This means the site has to support OpenID, as well as fallback Emailtoid when and email address is used to sign on. That limits the total number of supporting sites to one, currently: erp.gobyairship.com, the example relying party. However, this is just a technology preview at this point, and you have to start somewhere.

Sign On

To sign on, simply enter your email address.

Now, you will wind up on the Emailtoid service. In order to verify that the email address you entered is actually yours, Emailtoid sends an access key to your email address.

Go to your inbox, where a new message should be waiting. Click the link in the message, or copy the access key into the page.

Once your email address has been verified, you will be logged in at the original site.

Associate an OpenID

If you already have an OpenID, you can associate that with your account at Emailtoid.

With that association in place, Emailtoid will redirect you to your OpenID provider when you sign on, where can enter your password as usual. This is more convenient that switching over to your inbox in order to get access keys.

Identifier Details

Under the hood, Emailtoid is generating OpenID identifiers for email addresses that do not already have such an identifier associated with them. When I first signed on to the relying party, my identifier was: http://emailtoid.net/i/d99a3e8e/756a31ac/

Because I’ve associated my OpenID with my Emailtoid account, that link simply redirects to http://jaredhanson.net/. An account with no such association currently gets a boilerplate placeholder.

Final Thoughts

As noted in the release announcement, this is not a final solution, but rather an attempt to start a discussion about best practices. I’ve got some ideas rolling around in my head. As I experiment, I’ll post about my discoveries. Stay tuned.

OpenID is an open protocol that allows people to login to websites using a single digital identity, eliminating the need to create another account at each new site you visit. It’s a relatively new technology, and not yet widely deployed, but it is gaining traction.

OAuth was another topic of interest at the event. A separate but related protocol, it specifies how sites grant authorization to other sites that wish to utilize services. Combined with OpenID, some interesting things become possible.

For example, imagine accessing Google Calendar and Travelocity using the same ID. Since the two accounts are linked, when you book a flight, Travelocity can automatically add your flight times to your calendar.

These technologies open up new possibilities for developers and designers to create applications that better server people. Things are still in the early stages, and events like this are important first steps.