Google is growing up. As they do they seem to abandon their “Don’t be evil.” motto and adopt Microsoft’s “Embrace, extend and extinguish” strategies. Yesterday they announced, only two days after Microsoft, that they were officially supporting the popular OpenID standard. Many blogs applauded this move as OpenID is a great standard that needs all the support it can get.
Unfortunately what Google has launched has only partially to do with OpenID. It sorta looks and feels like OpenID but when you look at it actually works you will see that this is a proprietary technology built and owned by Google that providers will have to implement besides OpenID.
Not exactly helpful to the OpenID movement.
As explained here:
Basically, Google has rewritten OpenID. Not only is it not exactly the same as the current OpenID protocol, it’s so different that existing OpenID relying parties won’t be able to use it. Only a handful of “partner sites” have been updated to understand Google’s perverted version of the OpenID standard, and anyone else hoping to authenticate via “OpenID” to Google’s servers will need to do the same.
Google’s implementation of OpenID seems to be incompatible with everyone else. Of course Google is big and might very well persuade lots of web services to drop OpenID support and simply go for The Google Solution.
Dick Hardt, an important OpenID supporter, also confirms that Google is NOT compatible with OpenID:
“Well, just tried using Google and checked on the OpenID mailing list and they are NOT compliant. You have to type in http://www.google.com/accounts/o8/id if you want to use Google on an RP that has not implemented Google’s magic extensions. Very disappointing.
Bad Google. Bad and evil Google…
[poll id="3"]
UPDATE: it seems that the day after this post Google updated their services to become 100% OpenID compatible. Pretty cool! Thanks for the tip David Recordon!
Do you use OpenID?
Yes, but only if I have to.No, OpenID sucks!Yes, all the time!No, don’t know what it is.No, but I should!
Just a minor contribution to this great blog, which is part of my morning ritual.
The Yahoo and Microsoft implementations are not very nice either i’m afraid. They took the marketing and left all the nasty “open” bits it seemed.
seriously, I dont get whats the fuss about, I like the idea of openid and even though I have an openid account somewhere I really wanted to use my google account… IT JUST WORKS
and I don’t have to remember it!
Seems like another strategy for Google to get more parties to use their implementation of openID.
@hoberion the whole idea behind openid is that were not dependent on a single provider. If google or any other company controls the login system for a large part of the web they can force their rules on websites and users alike without anyone being able to do anything about it.
It’s about what options you would like to have as an, internet, citizen not about the short term easy fix.
@hoberion
It looks like Google tries to do the same that Microsoft tried years ago with it’s Passport services: Become the universal login provider of the internet.
Even Ebay used Passport as a login option and Microsoft could control what people did on other companies’ websites. They knew when and where you logged in. Together with users’ cookies that’s very valuable data.
Passport didn’t progress very much, because people did want to trust their data to Microsoft. Now people like hoberion would trust them to Google’s OpenID. It would be a joke if Google could achieve what Microsoft couldn’t.
I’m not sure if you’ve seen it, but the day following their release Google removed their whitelisting requirement and are fully complaint with OpenID 2.0.
http://google-code-updates.blogspot.com/2008/10/moving-another-step-closer-to-single.html
Even Ebay used Passport as a login option and Microsoft could control what people did on other companies’ websites. They knew when and where you logged in. Together with users’ cookies that’s very valuable data.
Added that option. Thanks for the suggestion…
Happy to hear that!!! :-)