Hey, Angus Logan here, I'm at Web 2.0 Expo in San Francisco - there is a great vibe and lots of action. I've been spending time with and learning a ton from some of the open stack crew, Joseph Smarr, David Recordon, and Chris Messina. We've been talking about the technology, adoption, and when Microsoft (we) will roll our preview Open ID and Portable Contacts endpoints into production (nothing to announce right now).
Microsoft is a proponent of open standards through our work in the Open ID foundation and the Open Web Foundation. As these open specifications continue to mature, services such as RPX are great because they provide a stepping stone for developers.
I’m excited to see the announcement that RPX now consumes Windows Live IDs.
RPX delivers both user experience for identity provider selection and a translation layer between many proprietary and standardized protocols used by identity/resource providers.
End-users can spend their time in so many places on the web. The battle for attention is harder than ever. The downside of having limitless choice is the tax of signing in and telling websites about yourself. RPX makes it possible to sign in using one of the many identities a person already has - this includes authentication and profile information (first name, last name, etc.)
Web site owners just need to go to www.rpxnow.com and create an account. As end user data is being shared you need to create a Windows Live App ID and you tell RPX the details of your app ID and specify a privacy statement. You can also use the authentication page co-branding to make the experience somewhat smoother for your end-users. After this you implement some UI on your website, and you should see higher end-user satisfaction and conversion for signing in and profile information.
The Live Services APIs used are Windows Live ID Web Authentication and the Windows Live Contact API. Web Authentication is one of the options third parties have for becoming a relying party of the Windows Live ID identity provider/Microsoft federation gateway. It is built using standard web technologies and techniques such as browser based redirects/form posts. The Windows Live Contact API in this case is being used as a profile API as it exposes the "owner record" of the Windows Live user. To gain permission to the profile & address book Windows Live ID Delegated Authentication (DelAuth) was used. DelAuth provides a few unique controls for users to select certain objects to be shared, and the duration of the access.
Below are some screenshots from www.ladygaga.com which uses RPX:
(Windows Live ID, sign in and delegation stuff you've all seen before)
