February 2006

The on-line identity space has always been fascinating to me. We all have on-line identities but today they are siloed in places like Yahoo!, Amazon and eBay. My identity (and subsequent reputation) is locked in these sites (sometimes referred to Identity v1.0). Every site you go to wants information from you to “confirm” who you are or at least attach your contributions/efforts to some single identity. How many forums, websites and on-line merchants do you have login information for? I believe the number you’re looking for is a gazillion. That’s a lot of zeros.

IMHO, the keys to successful Internet identity are being light weight and decentralized. We’ve seen efforts in the past like Passport and others that have failed because they were either a) too ambitious, b) didn’t have the users’ best interest in mind or c) were centralized. De-centralization speaks to the nature of the Internet. Being light weight helps get deployments out quickly giving insights into how people use the technology. This helps shape the next generations of the tools as well as things that get layered on top of it. Dictating the entire stack doesn’t work in today’s marketplace.

Looking across the identity landscape, I see two contenders that match the keys to success from above. One is OpenID and the other is the Higgins Project. OpenID was proposed by the folks at Danga (aka LiveJournal) and the Higgins Project was announced today but has been in the works for quite some time.

From what I have read about the two technologies, they look quite similar. A thin layer of identity, coupled with a way to describe the services tied to that identity. No assumptions are made about what you’ll layer on top of the identity. Again, I think this speaks well of the Internet. Imagine going back to 1985 and trying to define not only what the Internet is, but how you’d use it and the framework around making it successful, scalable, etc. You couldn’t do it. I think the same is true with identity. Define a thin layer that acts as a platform that people can use effectively. How they use it and the services/tools you (and more importantly they) layer on top of that are the opportunities for commercialization.

One of my favorite complaints of OpenID was that it lacked a trust mechanism. Of course it does. Its just an identity component. Trust can be layered on later if the identity piece is a platform. The problem with identity in the past has been everyone has tried to engineer the Itanium. What we really need though is the Opteron. The fact is, trying to design the entire stack in one go is a major pain. OpenID addresses this by being a thin layer of identity on top of which people can place anything they want. From the looks of it, Higgins will do the same thing.

Okay, great. Higgins and OpenID are possible options. The next thing I hear in all of my conversations with people is, “Amazon|Yahoo!|eBay will never adopt this. It will never take off.” Really? LiveJournal already has 9 million OpenID users. That’s a pretty good start. So how do we get the “big” sites to adopt something like this and break the identity 1.0 barrier? I’m wondering if there is a way that we can get the tail to wag the dog here.

Of course this is all pie-in-the-sky stuff. You’d need an army of developers and years to implement libraries for something like OpenID for all of these different applications. Hmm, actually that’s not true. Most of it is already done. Holy crap. Libraries for PHP, Perl, Ruby, Python and .NET as well as patches for tools like Mailman and MediaWiki?! Painting the full picture, we see that we have millions of enabled users (LiveJournal) and plenty of tools to make it happen.

How many open source tools do you know of that require a login? The list is endless; phpBB, Wordpress, Drupal, Moodle, every-single-other-CMS, every-single-other-blog-tool, etc. What if you could get OpenID or Higgins enabled by default in them? I know I’d love to be able to serve up my own identity with this Wordpress instance. Not only that, each of these tools wants to have things like social networking (I know this user and that one but I hate that guy, etc). In each instance, they are tied to one tool or a specific site. Again, siloed identity 1.0. Its almost like these sites are making their software do acrobatics above and beyond their “main thing”. Imagine if these sites were OpenID or Higgins-enabled? Not only could you login to them seamlessly, you could tie all sorts of other services in.

What else could you layer on this? What about reputation or social networking? I love Orkut and LinkedIn but again, they are coupled to only those sites. If I had my OpenID and could build a network of other OpenID users that would be pretty powerful. Enable it through open web services (a la Google Maps) and now you can do more effective messaging and others. What if you could take the reputation or trust or social networking and apply it to your Digg login? Some might say that would hurt Digg’s traffic; I disagree. I actually think it would augment it. If users can easily traverse many different web sites and engage in conversations across them, that frees up those sites to actually focus on making tangible content (or aggregating it as the case may be). Add in a Firefox extension or Internet Explorer plugin to ease the process and maybe a little Grease Monkey action and things get very, very interesting. The possibilities are endless and I guarantee the best ones won’t be thought of until this thing is going at a thousand miles an hour.

So where do we go from here? What if we start a grassroots campaign to get OpenID enabled in the top-tier open source applications? Enable OpenID or Higgins across these projects and I guarantee you’ll see ideas behind identity 2.0 realized very quickly.

There is a trend that is occurring in the enterprise open source space that could become very lucrative in the coming years. For those of you attending OSBC this week, listen up.

The open source development model continues its march into just about every space that software exists in. Today, I want to talk about one that I think could be very lucrative for the companies involved; enterprise applications.

Recent years (or is just months?!) have seen Oracle turn into even bigger than the 800 lb. gorilla. Acquisitions have made Oracle and enterprise powerhouse but I believe they will be coming at a cost. Over the next 2 to 3 years, Oracle will be busy digesting these companies into the fold and integrating product lines across the board. This will be tough for customers as the pace of innovation for Oracle will slow while this happens. If you’re a new player to this market, you’ve got a chance to steal some market share.

The fact is, if you’re not in the game today, 3 years isn’t enough to jump in and gain any traction. The enterprise is finicky and even more so when it comes to critical applications. So who is going to make out like bandits? I think its the existing players in the market; Salesforce.com, Compiere, SugarCRM and Project.net.

Everybody has been talking about these companies for quite some time. What is most interesting to me is that each one represents business opportunities for the other. That is if they can all come together to work together.

Imagine that you are the CIO or more likely the Director of some portion of your IT organization. You have been using a CRM solution or maybe an ERP system for the past 10 or 15 years. Its time to re-up your license and maybe take the plunge from Oracle on VMS to Oracle on Unix or Linux. Guess what? Lots of people are re-evaluating the status quo and looking at new solutions like SugarCRM or Compiere. The best part about this is that they usually deploy one of these solutions in a small corner of the office, usually to replace just one component or application that is end-of-life.

What is very interesting about going with an open source (and more importantly open standards-based) product like SugarCRM, Compiere or Project.net, is that these products are built to work with other tools. Grandpa’s CRM solution wasn’t designed to play nice with anybody. Now, you get something like SugarCRM in the door, you can now look at deploying other products like Compiere or Project.net. Guess what? They will all work together with very little heavy lifting (that is in comparison to making that COBOL monster directly leverage one of those apps).

Each one of these players in the enterprise space has a unique opportunity to work together to drive business to one another. Here’s to hoping that they all realize that and execute on it.