[OpenID] Changes to the OpenID Foundation member page login

Peter Williams pwilliams at rapattoni.com
Sun Dec 7 05:19:49 UTC 2008 

And it seems a royal shame that the registration form cannot at least populate the name and email address fields from the openid assertion. It's clear from the design that though the site has properly rejected my myopenid's (non-)subscribers (non-)rights to membership benefits, it has already however relied on the openid. (Text shows the site is willing to bind myopenid to the pending account, upon completion of subscription formalities and settlement of payment).

If the argument is that US legalities of registration mean that the Foundation doesn't WANT to rely on the assertion to even populate a suggested form field, that's telling. If it's a mere oversight, fix it!

Remember, we are in showcase circumstance here. If the Foundation as a corporation doesn't do or choose not to leverage a primary function of openid2/sreg/ax, who else in their right mind will?

We are being evaluated as a community for (a) use of openid for a registration of a subscription involving regulated funds transfer (b) access to contracted benefits of a membership/subscription, (c) voting on legal formalities of a corporation (d) performing surveys of the membership under reasonableness criteria.

Comment: If getting Google and Microsoft to actually do what they did "last" year was a major step (that I still find that one incredible piece of evangelism), now showcasing the above lines of business uses of openid2 is just as big in my view. I'll assume Yahoo! legal has been helping out a lot: and reflect that this may be a legal milestone as much as a technical milestone.

After the completion of and the recording of an AGM vote by openid, I think it's time to go explore what's really happening here ...with the same ABA legal community who got behind certs in the 1993-1996 period.


From: general-bounces at openid.net [mailto:general-bounces at openid.net] On Behalf Of Peter Williams
Sent: Saturday, December 06, 2008 9:56 PM
To: david at sixapart.com; Brian Kissel
Cc: general at openid.net
Subject: Re: [OpenID] Changes to the OpenID Foundation member page login

I could not get to the part of payment (for registration) without passing by the (unacceptable) agreement terms.

Out of interest, is there a debit/credit-card payment option? And is the Foundation PCI compliant (and has it attested to compliance)?

There are of course proper means to avoid needing to audit/validate the storage/transmittal/processing systems as being PCI compliant - including using explicit framing solutions by payment gateways. Is this what the foundation does? Who is the vendor of the payment gateway, and does the Foundation have its own merchant id?? Who is the Acquiring bank (if any), and how was it selected?




From: general-bounces at openid.net [mailto:general-bounces at openid.net] On Behalf Of David Recordon
Sent: Saturday, December 06, 2008 9:08 PM
To: Brian Kissel
Cc: general at openid.net
Subject: Re: [OpenID] Changes to the OpenID Foundation member page login

Hey Brian,
Thanks for more of the backstory here.  A few questions:


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-general/attachments/20081206/03425be5/attachment-0002.htm>

More information about the general mailing list