My plan had been to blog about this when the feature goes live later in the week. But there's been some online discussion already, and I'm sitting here at the horse show in waiting mode anyway, so it seems like now is as good a time as any to join the conversation.
The deal is — as of our next release in the next few days, users will have a new way to identify themselves to HealthVault. In addition to Windows Live ID, they will be given the option of using OpenID accounts from Verisign or TrustBearer.
As we've always said, HealthVault is about consumer control — empowering individuals with tools that let them choose how to share and safeguard their personal health information. OpenID support is a natural fit for this approach, because it allows users to choose the “locksmith” that they are most comfortable with.
You can certainly expect to see more such options in the future. For example, we are in the process of building in native support for Information Cards, which provide some unique advantages, in particular around foiling phishing attempts.
But why just two providers? When we were making our plans here, Chris on our partner team asked me, “Isn't this more like sort-of-OpenID?” The same question has come up online as well.*** Really, there's a very simple answer here. OpenID is a new and maturing technology, and HealthVault is frankly the most sensitive relying party in the OpenID ecosystem. It just makes sense for us to take our first steps carefully.
Both TrustBearer and Verisign have taken their obligations very seriously with their OpenID implementations. Beyond basic must-have safeguards like SSL, each offers a variety of second-factor options that provide a step up over traditional passwords — through the use of physical tokens or, in Verisign's case, the ability to associate an Information Card with an OpenID. This isn't meant to imply that there aren't other great providers out there — there are. This is just a start.
As we learn more, and as OpenID continues to mature, we fully expect to broaden the set of providers that work with HealthVault. We believe that a critical part of that expansion is the formalization and adoption of PAPE, which gives relying parties a richer set of tools to determine if they are comfortable with the policies of an identity provider.
This is exciting stuff — in a geeky way perhaps, but anything that begins to put strong identity technology in the hands of real users is a good thing, not just for those users, but for HealthVault and the Internet overall. Woo hoo!
*** BTW, I am clearly all about being cool and buzzword-compliant!
It's great to see an architect like Sean, who lives in Internet time and has a thousand other things on his mind, paying so much personal attention to identity issues. He's showing leadership through his commitment to phishing resistant solutions (like OpenID's PAPE and Information Cards). And he clearly embraces giving people choice.
The privacy requirements of the information he is protecting mean he HAS to do everything possible to protect peoples’ privacy. It makes complete sense to move incrementally. I hope the other OpenID providers who have clearly demonstrated their committment to strong security see the wisdom in this approach. He's opening doors. And this is the beginning of a process, not the end.