Assuming Microsoft isn’t just in this for the press release, and gets support for this turned on fairly quickly, this is the first public enterprise-grade OpenID Relying Party of which I’ve become aware. Very nice work to all involved!
The biggest problem I have with TrustBearer being the only announced OpenID provider for HealthVault is that users will be obligated to buy a $40 gizmo from TrustBearer. Or provide their own second-factor hardware from an obscure list of approved devices (which surprisingly doesn’t even include PayPal’s obnoxious “use-anywhere” Security Key).
No one should pay anybody a single cent for any of these things! Technology isn’t supposed to put extra junk into your pocket. With the decade-old promise of device convergence, technology has been faithfully shucking devices out of your pocket. As an example, you probably have a phone, a day planner, a music player, and a camera all in one device in your pocket right now. And if used correctly, that single device (your cell phone) also serves very effectively as a second authentication factor that can be just as strong as the stuff peddled by TrustBearer and other security hardware vendors.
With luck, the smart folks at Microsoft (George Scriban, Kim Cameron, Mike Jones) understand that if there’s only one approved OpenID provider for HealthVault (and an expensive one, at that), then they aren’t really supporting OpenID. They might just as well start charging users for hardware to use to secure Live ID. Remember, fellas, that there are some of us OpenID providers out here (such as myVidoop, that of my employer) that provide two-factor security at absolutely no cost to the end user.
[Update: fixed a couple of minor typos.]