Saturday, September 30, 2006

Come on in!

It's amazing how small ripples can be made to fill the vacuum by sheer echo relaying. Reading my feed headlines, I came across a mention of Yahoo! opening up its authentication service to third parties. So what? But the post also said that "Dave Winer says this is a huge deal". By reference to the list of "Fallacious Arguments" I used previously, this is typically an Appeal to Authority. Let's check!

As I soon discovered, it was yet another conjectural babbling. After all, what is so extraordinary about another entrenched walled garden community’s keeper offering a service to the rest of the world as long as the rest of the world’s users give custody of some of their identity attributes to the said warden? In the end, these (the wardens) companies make money by selling identity attributes' derived products, such as searching or shopping behaviors or reputations…

To me this is just another expression of the typical lack of imagination unfortunately so common in the current web activity. Instead of trying to solve real end-users issues, such as identity attribute portability, it is certainly easier to invoke an "extended user's choice" and just offer another "me too" service.

As far as I remember, Microsoft started this a few years ago with Passport. And it was deemed so devilish at the time. What has changed since, apart from the number of devils, and the end-users' getting used to it? Microsoft (LiveID), Google (Google Authentication), Amazon (S3) and now Yahoo! (BBAuth) are the most visible examples of the same limited SSO approach. But so are the OpenID, LID, [name your favorite micro ID provider here] and consorts. As a matter of facts, we should perhaps use a different acronym, such as CSO (Centralised Sign On) or [insert your own acronym], instead of SSO. Others said it before, but I do not see how this announcement could be huge in any way except re-enforcing the walled gardens keepers' hold on identity silos. Internet is all about addressing, identity and communication. I believe we are only watching a greater concentration of power in the hands of the same few players. Funnily enough, AOL did not yet made a similar announcement.

I was under the impression the next generation of identity assertion systems had to move away from the concept of "location" based systems, where one is authenticated because he was able to enter a specific "fortress". Instead we're just seeing the multiplication of "fortresses". In this landscape, novel approaches such as what Jason Kolb is trying out look so refreshing…

Technorati Tags: , , , ,