Currently news are not so bad regarding OpenID. Orange and AOL are suppoprting it now, Symantec (Update: see comments) will support it soon, and Yahoo – considering its assistance in finishing the IPR policy – will most likely jump on the bandwagon in one way or another someday, too. While it’s great to see those big players – hey, and not all are “just” internet companies – joining the OpenID community, it makes me wonder if the decentralised nature of OpenID will persist.
For OpenID to succeed it’s crucial that as many users as possible know about it and actually use their OpenID, of course. Big companies like AOL which have a multi million strong user base are key in that process. Yep, I know, AOL could market OpenID a lot better than it has in the past but it will be one of the biggest identity providers (IdP) nevertheless.
Though the big question is what will happen to smaller IdP’s like MyOpenID and Xlogon when more and more bigcos are joining? Will users choose those providers or rather well-known, big companies? Also as much as I can see why AOL is whitelisting IdP’s, it will certainly further this process even more. Why choose a small provider when one of the biggest internet companies won’t let you log in with your OpenID? What about running your own identity server? Not a good idea considering whitelisting.
Another problem of smaller IdP’s might be a viable business perspective, or better a lack of one. Actually, I can’t see how running an identity server can generate enough revenue in the long run. Many small IdP’s are providing some excellent (security) features but those features are for free already. Maybe new features could be monetised. Will users pay for them, though?
This is a somewhat pessimistic view on things. Maybe, well hopefullly, I am wrong.