Over the past few years we’ve seen the adoption of OpenID continue to increase but the work that we’ve done as a community to develop this technology has only just begun. Looking at the landscape of OpenID adoption, its clear that there are several key factors inhibiting adoption, but two that we want to focus on today, namely usability and security in the browser.

It was almost two years ago when the Firefox 3.0 roadmap was announced and OpenID was mentioned as a new component to the platform. The Mozilla Firefox team looked to members of the OpenID community to step up and provide guidance on what exactly we imagined identity in the browser looking like, but we failed to mobilize and answer their call.

In light of that missed opportunity, Vidoop Labs has been working hard over the last several weeks to produce a prototype that we intend to use to initiate a wider discussion about OpenID in the browser and what it might look like.

So today we’re excited to offer a preliminary look at the Developer Preview release of our identity in the browser Firefox extension called IDIB. We’re releasing this as open source and looking forward to beginning an ongoing dialogue to determine what this functionality should look like and how it should behave. And above all, how it can begin to make OpenID more user-friendly and account-driven activities on the web more secure.

The extension does two things today:

• we help to reduce or eliminate browser-based redirects typically involved in authenticating against identity providers
• we add security to reduce the potential for phishing/man-in-the-middle attacks

We’re hoping this two-pronged approach will help mitigate at least a few of the issues around usability and security that we’ve seen act as barriers to OpenID adoption.

Now, the extension doesn’t do everything we want it to. As a matter of fact, it’s merely a starting point. Because of the way it works, it requires relying parties to adjust their support for OpenID and as such, as of today, it currently works on the Vidoop Blog (the changes required are documented here; depending on adoption and interest, these changes may or may not end up as official extensions to the OpenID protocol itself). As such we strongly discourage using this extension for regular web browsing. It is intended as a developer prototype for testing purposes only — and to get a productive conversation started with real code!

We’ve got more about our thoughts on identity in the browser means here and a mailing list and code project to carry the conversation forward.

Vidoop Labs launches today as a central place where we will be showcasing existing and future technology projects that we are investing in for the future of unified identity and dataportability on the open web. Existing projects are listed, but keep an eye out for several new initiatives we will be launching over the next few months. Starting next week.

Vidoop’s News Clipping Service…
(more…)

While speculations abound, it is indeed true that Chris Messina and Scott Kveton from Vidoop, along with many, many others, have been working hard over the last few months to help create the Open Web Foundation (OWF). Vidoop is excited to be so involved in an organization that is going to really help ease the creation of new specifications that will shape the Open Web.

Over the coming months, Vidoop will be delivering new services that not only take advantage of these new specifications but also make them easy for users and companies to use. The reality is users shouldn’t need to know about these technologies but they will be the underpinnings of the Open Web.

If you have questions or feedback please join the Open Web Foundation discussion group here:

http://groups.google.com/group/open-web-discuss

For more information about the OWF, please visit the FAQ page.

We’ve released a new version of myVidoop packed with new features. After getting lots of great feedback we are very pleased to be releasing updated versions of Vidoop.com and our identity provider myVidoop, including updates for our Firefox myVidoop plugin that does automatic form-filling for you!

That’s right, the (Firefox) plugin will now fill out online forms…

• - Finally you can enter your gender once and for all (you can change it of course…), and myVidoop will securely store all your personal information!

  
  

• - Click on web forms to have your data filled in.
• - Fill in forms either on a line by line basis or select a profile to populate forms with a group of data.

  

Other changes to note:

• - The profiles tab is now the ‘My Info’ tab.

  
  

• - Existing profiles can now be found on the ‘My Info’ tab.

  
  

• - When you select what data to share with an OpenID site, you can now select a profile, auto-complete, or enter data manually.  The choice is yours!



• - Once you have trusted a site, you will need to go through a new trust transaction to change the data associated with it.
• - The browser plugin will now store data online by default.

There are some known issues:

• - Not every type of data you can save on the my Info tab will be available when filling forms, but we plan to address this.
• - Due to changes, some sites that the myVidoop plugin previously remembered passwords for may not have their usernames/passwords filled out properly anymore.  On the other hand, the myVidoop plugin now works with more sites than ever.  Please let us know if you have any new issues.

Much more is coming…. stay tuned for continued updates to myVidoop and our password management solutions, including improvements for the Internet Explorer myVidoop plugin!

Vidoop’s News Clipping Service…

(more…)

We’ve got some great upgrades to our service ready, but we’ll need to take the service offline to roll them out.  So, myVidoop will be unavailable tomorrow morning (7/24/08) from 7am to 9am CDT.  We’ll be introducing some new features which we’ll tell you about in a later blog post (or just check out the site tomorrow after 9am).

UPDATE: We went over by 10 minutes, and we’ll be wrapping up a few minor issues over the next few minutes.  But everything is looking awesome!!

We are very proud that Chris Messina (aka @factoryjoe), a recent addition to the Vidoop team, has recently received the award for ‘best community amplifier’. You can read about the history and see past winners at the Google-O’Reilly Open Source Awards - Hall of Fame but the general idea is…

The Google-O’Reilly Open Source Awards have been presented to individuals for dedication, innovation, leadership and outstanding contribution to open source.

Winners are selected by a committe, made up of the following: Allison Randal, (The Perl Foundation & O’Reilly - OSCON Co-Chair), Brady Forest (O’Reilly - Technology Evangelist and Conference Chair), Brian Behlendorf (CollabNet CTO and Founder), Chris DiBona (Google, Open Source Programs Manager), Danese Cooper (Open Source Diva, Intel), David Ascher (CTO, ActiveState, and director, Python Software Foundation), Tim O’Reilly (Founder and CEO of O’Reilly Media), Nat Torkington (O’Reilly - OSCON Co-chair), Zaheda Bhorat (Google, Open Source Programs Manager).

Chris has consistently been at the forefront of the Open Web movement and an outspoken advocate of open source technologies. Since being introduced to him and the open web/identity community a little over a year ago, he has personally been very helpful in navigating the landscape, making introductions and genuinely a fun guy to hang out with. I am sure I join the rest of the Vidoop team and web community at large in congratulating Chris on a job well done and wishing him continued success in whatever ventures he pursues. Whatever it is, the web will be better off because of it

We’re proud to announce that Draft 5 of the Email Address to URL Transformation (EAUT) specification is now available. What does this mean to me you may be asking yourself? It means that coming soon to an OpenID login form near you, you will be able to use your email address as an OpenID.

In basic terms EAUT makes it easy to take an email address and transform it into an URL, making your email work with services like OpenID. The goal with Emailtoid is to demonstrate the technology and provide a fallback solution for a larger, decentralized network based on the EAUT specification.

Using an email addresses as a login is already a familiar process. The problem is that an email address is not very useful as an endpoint for identity information. A URL is much better for storing identity information, though using a URL to login is counter intuitive. This is the usability disconnect that EAUT aims to address.

With EAUT, email providers can host an XRDS document at their root (eg, aol.com). Here’s an example XRDS document:

<?xml version=”1.0″ encoding=”UTF-8″ ?>
<XRDS xmlns=”xri://$xrds”>
    <XRD xml:id=”main” xmlns=”xri://$xrd*($v*2.0)” version=”2.0″ xmlns:simple=”http://xrds-simple.net/core/1.0″ xmlns:openid=”http://openid.net/xmlns/1.0″>
        <Type>xri://$xrds*simple</Type>
        <Service priority=”10″>

            <Type>http://specs.eaut.org/1.0/template</Type>
            <URI>http://openid.aol.com/%7Busername%7D</URI>
        </Service>
    </XRD>
</XRDS>

If the example email is vidooprocks@aol.com, The above XRDS document, hosted on aol.com, would mean that the resulting URL is http://openid.aol.com/vidooprocks - which is a valid OpenID (or would be if somebody had that email).

Now, what happens when the email provider doesn’t have an XRDS document, or has one but doesn’t have any EAUT types in there? You use a fallback service - just like Emailtoid!

With EAUT, relying parties can now have the best of both worlds. They can ask for email addresses, which people are used to, but still only have to implement OpenID. Please let us know if you have any questions or feedback on our Emailtoid support page.

OSCON 2008 by itself is enough to geek out about, but don’t forget about the parties!

• Tuesday, July 22, 7pm: Django Drinkup! come to Jax Bar to meet other Djangonauts from OSCON and the Portland area. We reserved the Jax Bar rooftop patio. It’s easy and free to get to Jax from the Convention Center on the MAX. We’ll be getting started between 6pm-7pm. For more info contact @mtrichardson

• “Wednesday, July 23: FOSCON! Being held at Cubespace, FOSCON is a Ruby gathering (I know, I know) but they want to have a competition between the big three frameworks - Rails, Django, and CakePHP. One team per framework, teams are two people each, official rules at http://pdxfoscon.org/competition - if you think you’ve got what it takes to represent Django in this event, drop @mtrichardson a line.”

• Thursday, July 24, doors open at 6pm for the SourceForge Community Choice Awards which will be hosted at the Jupiter Hotel. There will be buses running between the party and the convention center starting at 5:30. Oh ya… and you may be able to get a free tattoo

• Thursday, July 24, 8pm-11pm: Beerforge III will be held at Bossanova. Highlights include free shuttles from the SourceForge party, all you can drink open bar (mixed drinks, beer, wine), lots of swag, excellent catering from Fords on 5th (read bacon wrapped dates) including some awesome vegan dishes, and maybe some other surprises… thanks to Jive Software, Mozilla, OpenSourcery, OSL, Songbird, and Vidoop for sponsoring!

If you fall in love with Portland and decide to stay, the good times keep rollin’ with a Django sprint on August 22 from 9am to 6pm here at the Vidoop offices.