1H 2009 Priorities

Agree on best practices for UX, major OPs agree to consistently enable and support this UX, communicate to RPs

• Agree on phase 1, tier 1 OP capability targets and major OPs consistently enable and support these capabilities (data, security, other?)
• Improve developer resources
• Develop and communicate a more clear and cohesive security strategy: technology, security community engagement, education, and marcom
• Visible reference deployments in targeted segments: blogs, social networking, media, entertainment, sports, personal productivity, and affinity groups
• Clear and consistent trademark and brand strategy, especially for B2B (OP to RP) initially
• OIDF organization on sound financial footing, appropriate professional staff in place, executing on the agreed to priorities and programs
• Begin market research on new market segments: retail, government, education – leverage successes and lessons learned in Japan and Europe

2H 2009 Priorities

Continue to enhance UX and data offerings (friends, activity stream, other)

• Agree on phase 2, tier 1 OP capability targets and major OPs consistently enable and support these capabilities (data, security, other?)
• Enhance security and other capabilities (data, PCI compliance, non-repudiation, etc.) as required for potential new markets: retail, government, education, etc.
• Begin mainstream market awareness and educational outreach (when required goals above are achieved)
• Leverage reference deployments (1H goal) into mainstream adoption in targeted segments: blogs, social networking, media, entertainment, sports, personal productivity, and affinity groups
• Develop and implement B2C (RP to end user) OpenID brand and trademark strategy
• Assess and refine OIDF financial and operational structure as necessary
• Develop 2010 plan

More detail below:

Improve Usability

• UX intuitive and consistent across OpenID-enabled websites as defined by RPs and end users
• No major concerns by actual and prospective adopters
• OpenID login success rate > UID/password success rate
• Discovery of preferred OP and login status is supported
• Multiple platform access is supported: cell phone and desktop apps

Sufficient User Data

• Minimum user profile data consistently available from all major OPs as required by RPs and end users in target markets
• Clarity on what protocols for what data: SREG, AX, Oauth, PoCo, etc.
• Roadmap for friends and activity stream data

Improve Developer Resources

• Increase & improve developer tools including traditional libraries, testing tools, JavaScript-based user interface components
• Improve documentation, provide social connectivity for OIDF members, publish an open “To Do” list where members and interested parties can get involved and participate in low-hanging, but essential, fruit.
• Interoperability tools and testing
• Make open source libraries accessible, tools for building community around the code

Clear message on Security

• Best practices developed that address concerns with single point of failure, phishing, control of data being housed by OPs
• RPs trust the security of OPs, at least a large enough white list of providers to be meaningful for their user base
• Need to educate RPs and end users that the internet overall is subject to phishing attacks, and how OpenID is at least as secure as traditional UID/password and likely more secure
• Better communication and collaboration with Security communities: IETF, SAML, Liberty, etc.
• Some guidance on the use of OP whitelists and blacklists
• Some guidance for tiered security access, forced re-auth, single logout

Sufficient reference accounts

• Establish successful reference deployments of OpenID across specific website categories to address the “chicken and egg” resistance
• Specific market segments and use cases need to be defined and prioritized
• Majority of major blog sites support OpenID
• 1H 2009: Content Provider adoption - media, entertainment, sports, personal productivity, and affinity groups (i.e. – not commerce)

Awareness & Education

• Target market segment RPs and end users are aware of the benefits of, and know how to use OpenID
• OIDF website is a true industry resource for RPs and end users: OpenID case studies, white papers, installation and testing tools and guides, etc.

OpenID Brand

• The OpenID brand is clearly defined, known and considered valuable by the general public (not just techies), and backed by an effective trademark regime.
• Question on timing of brand building for B2B (OP to RP) vs. B2C (RP to end user)
• Regular monitoring of the awareness and usage of OpenID by internet survey

Begin planning for longer term, broad market appeal and participation

• Retail: Develop a plan for if, when, and how OpenID could be extended into online retail applications
• Building off successes in Japan, obtain broad market involvement in OpenID including Financial, Web Commerce, Transportation, Social Sites, Internet Providers, Telcos, and Government
• Market Driven Innovation: OpenID-related innovation is driven by the needs of the marketplace, not just technical coolness
• Shared vision of OpenID in 5 years time - what OpenID achieves and how people's lives are changed for the better

OIDF Organization and Finances

• Permanent staff with sufficient support infrastructure
• Increasing Corporate support - sponsorship, membership, etc.
• Sufficient resources for well planned & executed activities valued by the membership worldwide