[OpenID] OpenID Registration Scenario

Evan Prodromou evan at prodromou.name
Thu Jul 12 18:50:15 UTC 2007


On Wed, 2007-11-07 at 20:56 -0700, Peter Williams wrote:
> Ill advise the openid community Not to set its goals so low as to
> equate openid as that which one should associate with those sites that
> today do email auth (as proof of ID control).

This is _most_ publicly-available Web sites. It is not at all a low bar;
the 80-20 rule applies very well here, if not more like 90-10 or 95-5.

I think that scaremongering about OpenID doesn't make any sense for most
of these sites. The email-verification rule of thumb is a reality check
on that kind of FUD.

It would be _good_ to have some kind of story for people who need more
robust profile verification, and I think that a future profile
verification extension would probably make some sense. Maybe along the
lines of PAPE, but for profile data -- maybe PPPE?

But I don't think that most site owners need or want that, and I think
that the entities that _do_ need and want it are too conservative to be
using OpenID for a long while anyways. Lack of a profile verification
assertion protocol is not in any way impeding the uptake of OpenID.

-Evan

-- 
Evan Prodromou - evan at prodromou.name - http://evan.prodromou.name/
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 4422 bytes
Desc: not available
URL: <http://lists.openid.net/pipermail/openid-general/attachments/20070712/f8cc7c88/attachment-0002.bin>


More information about the general mailing list