Ladies and gentlemen,
Let me take you on a journey taken by OpenID Community through the evolution of digital identity – a story that continues to unfold even today. I do so as I have been in the community from the beginning and probably quite authoritative. You can probably draw analogy from it as well.
It all began with OpenID 1.0 – a simple yet innovative solution that allowed blog owners to prove their identity online. At its core was a self-asserted identity system, where trust was built through one’s history and interactions in the blogging community.
The transition to OpenID 2.0 marked a significant expansion. What started as a blog-centric solution attracted a diverse community of similar initiatives. The introduction of OpenID Providers brought major platforms like Yahoo into the ecosystem. The movement gained international momentum, and I’m proud to say that here in Japan, the formation of OpenID Foundation Japan made headlines across major television networks and magazines.
While the community was growing rapidly, we faced challenges. The informal nature of our early days meant that even intellectual property rights weren’t properly managed – a situation that took me four years to resolve.
OpenID 2.0, despite its success, had its limitations. We encountered issues with cryptographic brittleness and complexity that hindered wider adoption. Traditional solutions like XML Digital Signatures proved equally problematic. This led us to develop entirely new signature formats – JWS and JWT – which became the foundation for OpenID Connect.
The impact was remarkable. Google led the implementation, followed by numerous others, and eventually even Apple joined the movement. With the smartphone revolution, OpenID Connect spread across the connected world, reaching both private sector applications and government services.
But are we done? Far from it.
We face three critical challenges:
- Only half of the world’s population has smartphone access
- Many governments still lack the infrastructure to provide legal digital identity to their citizens
- Traditional identity providers can only verify a limited subset of information about us and puts a heavy burden on issuers that need to provide scalable 24/7 systems.
Japan’s advanced digital identity infrastructure, while impressive, is more the exception than the rule globally. We need more versatile solutions that allows issuers to be sometime connected.
The path forward requires an even stronger, more collaborative community. Here in Japan, we’re fortunate to have such a community that transcends organizational boundaries. This August, we witnessed this collaboration in action when FIDO, W3C, and OpenID Foundation Japan united for a joint event that drew over 200 participants – limited only by venue capacity.
SIDI Hub Tokyo today represents another step forward in this journey. It gathers even wider community. I extend my sincere gratitude to the Digital Agency for bringing us together and providing these excellent facilities. I look forward to the meaningful discussions ahead.
Thank you.
Slides: https://gamma.app/docs/The-Evolution-of-Digital-Identity-OpenIDs-Journey-sb1lbqdx3ozjhg1