Kim Cameron answers my concerns around OpenID [LINK] in his blog [www.identityblog.com]. Kim’s post clarifies my understanding of the OpenID spec and also positions it nicely on the spectrum of identity solutions:
"We don’t live in a one-size-fits-all world…..OpenID cannot replace crypto-based approaches in which there are trusted authorities rather than trusted web pages. But it can add a whole new dimension, and bring the “long tail” of web sites into the identity fabric."
This makes a lot of sense and the analogy drawn from OpenID/WS-* and REST/SOAP resonates particularly well, at least for me.
He’s also running a nice piece right now involving an "HelloWorld" token and Cardspace. This is great as lord knows those tokens are complicated beasties and this boils ’em down to the bare necessities. There’s no better way to illustrate a new concept than with working code. Gotta love that.