From a user standpoint, it’s a seamless experience. When you click on a button to log in via Persona, a window pops open and asks you which of your associated email addresses you wish to sign in with. Upon clicking it, you’re logged in to the site for 30 days (or 24 hours on an untrusted computer). You can already try it out on a few sites, such as this beta crossword page on TheTimes.co.uk.

It currently works in all major browsers with the pop-up window, but the eventual plan is for browsers to integrate Persona. So you could have a little button in the upper right corner that shows which Persona is currently active, and have a part of the UI slide down to approve new sites requesting access. (This would be great for public and shared computers. A couple of clicks to sign out of your Persona, and you’ve made sure that your sessions on every site you’ve used are closed. No more leaving Facebook or whatever logged in on a shared computer.)

It’s also very easy to integrate Persona into an existing web site. Easier than Facebook or Twitter sign on, it has been said. It’s just a little bit of JavaScript and a server-side request to a URL.

It’s all kind of like OpenID, only in a form that’s more convenient and easier for ordinary users to understand. You can find a more technical explanation here, along with some links showing how to integrate it with a web site.

The authentication protocol’s biggest shortcoming is not the lack of websites support it, since more sites would implement OpenID logins if there were enough user demand; it’s not a shortage of OpenID providers either, since many large sites offer OpenID URLS. No, the problem is the users. The average web user just can’t seem to wrap their head around the concept.

I was recently struck by an idea that might simplify the experience for non-techies. What if OpenIDs could be in the form of an email address? Everyone is familiar with email addresses, and many sites have already accustomed their users to having their email address as a login name. If you really think about it, email addresses are already what OpenID has set out to be: a persona that you connect various websites to.

Imagine if GMail as your OpenID provider. To log in to an OpenId relying website you would input your email address, be sent over to GMail to verify, and then redirected back. I think it would be a little more user-friendly, providing that OpenID-providing email services made it clear that they offered the service.

WP-OpenID is a plugin that integrates OpenID into WordPress. Once installed, it opens up a couple uses for OpenID with your blog. Accounts can be linked to OpenIDs, and should you select the option, people will be able to enter an OpenID to leave a comment, rather than entering an email and name. I like the idea, since it makes commenting quicker and easier, but there’s one flaw. You enter the ID into the URL field in the comment form, so your name will link to your OpenID URL instead of your blog. The remedy is to delegate your OpenID.

First, create an OpenID at any provider of your choice. (You can find a list of providers here.) The URL I ended up with is redwallhp.myopenid.com.

Next, decide what you want your customized URL to be. Do you want just your domain, like mydomain.com, or will you set-up a subdomain (or subdirectory)? I ended up picking my new personal blog at matt.ntugo.com.

Now you just need to add two lines of code to your header.

<link rel="openid.server" href="http://www.myopenid.com/server">
<link rel="openid.delegate" href="http://redwall.hp.myopenid.com/">

Replace the italicized part of the first line with the URL of your provider’s OpenID server. A quick Google search will help you find the right URL (e.g. openid.claimid.com for ClaimID users). Replace the italicized bit of the second line with the OpenID URL your provider gave you.

And your done! You can now use your domain as your OpenID URL. This has the benefits of being easy to remember, and you can just change those lines of code if you decide you decide to switch from MyOpenID to ClaimID.

Yahoo is implementing OpenID alongside their existing Yahoo ID system, giving Yahoo users OpenIDs. According to openid.yahoo.com, you will be able to enter the URL “yahoo.com” into an OpenID box, bouncing you over to Yahoo where you can login with your Yahoo ID. Does this mean they’ve got their system set-up so you don’t get a unique OpenID URL (like id.yahoo.com/your_yahooid)? Another worrying note: Yahoo is providing OpenIDs, but are they going to allow people with non-Yahoo OpenIDs log-in to Yahoo sites (Flickr, for example)? Also, what’s to stop Yahoo from preventing your Yahoo-provided OpenID from logging you in to certain sites (i.e. competitors)?

Google’s Blogger.com will soon be an OpenID provider. Once this new feature makes it out of draft and into the main feature set, your blog’s URL will be your OpenID URL. If your blog is at you.blogspot.com, that’s your OpenID. It even works if you have your own domain name. Now, will they start allowing OpenID sign-ins with other Google services? Who knows, they might.