I really wish I had the time to setup some automatic detection of when provider support changes and make a blog post or something… work that benefits the community should be recognized.

See the OpenID Support Table.

The results are about what I would expect… there are just a few front-runners that are really making an effort to support the emerging technology (likely because they are also involved in authoring these new protocols). Everyone else is supporting some version of the (technically, still current) OpenID 1.x protocol and about half have also added sreg support. That same half have basic XRDS support (since it’s required for sreg), but none of them are doing more than the most basic XRDS discovery method. Only a couple of the leaders are supporting the more advanced (and much faster) XRDS discovery.

But what about OpenID delegate URLs? Is there ever a case when it does not make sense to add rel="me" to an OpenID delegate? I can’t imagine that there is, since the very act of delegating is saying “this is my ID over at this other service”. With that in mind, I propose that openid delegates always include rel="me" in addition to rel="openid.delegate". Rel is a space delimited multi-valued attribute, and I’ve successfully tested a couple of different services. Here’s a concrete example of my OpenID delegation links here on willnorris.com…

<link rel="openid.server" href="http://www.myopenid.com/server" />
<link rel="openid.delegate me" href="http://will.norris.name/" /> 

I will be updating my yadis plugin to behave in this manner as well.

update: I’ve also added Alexandre Passant’s nice FOAF/SIOC auto-discovery code.

I have to say though, I’ve been very frustrated with the direction a lot of implementors seem to be going with their OpenID deployments. It seems like everyone wants to be your identity provider… they’ll hold all your data and your password, and you can use them to login to all of the OpenID sites. Even better, you get to have a spiffy cool username with their corporate branding all over it like http://openid.somecompany.com/users/joeuser/. Isn’t that great?! *sigh* While this is all well and good for a lot of people that need something like that, this completely ignores the whole user-centric identity model this is all based on. Unless a user is ridiculously devoted to your site and community, they don’t want an ID under your domain. If you’re someone like Technorati, then all of your users likely have their own blog anyway, and thus their own URL to use for OpenID! It seems that very few of the larger Identity Providers out in the wild today are really making an effort to advertise the delegation feature of OpenID, which I think is by far one of its most attractive qualities. The beauty of delegation is that someone else gets to do the grunt-work of supporting the infrastructure for actually running the IDP, but your public face is always at your own domain. Your identity is still your own… always. If a provider says mean things about your cat or won’t respond to your constant MySpace friend requests, it takes about 10 seconds to jump ship and move somewhere else. This also helps to ensure constant competition between providers to develop the best tools for managing your identity and keeping it secure. While I’m curious to see what the business model will actually be in running an Identity Provider, this model is certainly in the best interest of the end-user.

So how do you actually delegate your OpenID to another server? It’s actually relatively simple, even if you’re doing it by hand. All it requires is a couple of lines of code at the top of your webpage that identifies what server you want to use, and the ID that server knows you as. This plugin does just that, but gives you a nice interface for managing it and won’t break when you change themes. Eran Sandler actually has another plugin that does this exact thing; it’s a little simpler in implementation but he has much better user documentation in the config screens… hey Eran, you interested in working together?

Get the plugin at http://willnorris.com/projects/wp-xrds/