File Under: Web Basics

Sun Shines Light On OpenID

250pxopenid_logosvgSun has announced it will start supporting OpenID, but with a unique twist. Sun won’t be offering a consumer solution, rather it’s starting with its own employees.

With Microsoft, Yahoo, AOl and others embracing OpenID one might wonder why Sun’s rather limited foray warrants attention, but the difference is in how Sun is using OpenID.

Tim Bray writes on his blog:

Unfortunately, at the moment, it isn’t good for much, because the OpenID might be pointing at a server that’s evil or silly. It’s good enough for blog comments and that’s about it.

What’s more interesting is that we’re rolling out an OpenID provider, but with a twist: You can’t get an OpenID there unless you’re a Sun employee, and if someone offers an OpenID whose URI is there, and it authenticates, you can be really sure that they’re a Sun employee. It doesn’t tell you their name or address or anything else; that’s up to the individual to provide (or not). The authentication relies on our Access Manager product, and it’s pretty strong; employees here have to use those crypto-magic SecureCard token generators for serious authentication, passwords aren’t good enough.

Sun is the first company to use OpenID as an employee tool. Others, like Microsoft’s OpenId support in Vista, are consumer tools used primarily by the bleeding edge of the techno elite. And as Bray points out, most consumer tools are problematic in an enterprise system.

But what Sun is doing could well move OpenID from handy tool for those in know, to something with real world practicality for companies concerned about security, yet wanting to keep the process of verifying identity simple and easy-to-use.

With more companies eyeing online enterprise apps as a viable solution, something like Sun’s OpenID project is fast becoming a necessity.

And Sun has long history of pioneering moves in the digital identity realm. From the Liberty Alliance project to today’s OpenID announcement, Sun has long led the way for companies and others looking to establish secure and effective ways of managing identity.

[via O’Reilly Radar]