[OpenID] Live Icons for visual recognition of IDP logos

Andrew Arnott andrewarnott at gmail.com
Thu Apr 2 02:42:17 UTC 2009


Agreed.  I'd vote for the first mitigating option: RPs allow users to easily
bind multiple OpenIDs to an account.
--
Andrew Arnott
"I [may] not agree with what you have to say, but I'll defend to the death
your right to say it." - Voltaire


2009/4/1 Peter Williams <pwilliams at rapattoni.com>

>  There seem to be 3 main technical choices for *mainstream* failure
> engineering addressing OPs (or suspension/cessation of assertion-minting
> privileges by the OP, under its terms of service).
>
>
>
> RPs normally bind multiple openids to the account
>
> RPs host a new vanity XRDS, delegating to both the introducing OP and to at
> least itself (as a fallback  OP)
>
> RPs offer account recovery/restoration, based on some or other
> authentication scheme
>
>
>
> My wife just had an unpleasant ebay experience, leading ebay to suspend her
> account after 3 years of happy ebaying (after some merchant made a (dubious in
> my independent view) allegation, but who played the trust game under ebay’s
> reputation rules MUCH better than she did). Loss of the ebay auction
> privileges was no great shakes (Peter is less poor this month than last).
> But … Ah, sorry! Now no more access to “your” photos on photoshare.com for you, dear
> *former* ebay-subscriber.
>
> *From:* Andrew Arnott [mailto:andrewarnott at gmail.com]
> *Sent:* Wednesday, April 01, 2009 6:16 PM
> *To:* Peter Williams
> *Cc:* Allen Tom; general
>
> *Subject:* Re: [OpenID] Live Icons for visual recognition of IDP logos
>
>
>
> Honestly, Peter, the belly-up OP is what scares me the most about OpenID.
> And I really like OpenID.  As large and well-written as myopenid.com seems
> to be, I'd never recommend my less-tech-savvy family use it over yahoo.com
> or google.com as an OP because I'm not convinced myopenid.com will be around
> for 25 years.  That's why I use my "vanity" url.  It's not for vanity at
> all... it's for my own identity protection.  But the vanity url has to be
> at my own domain name so that no belly-up company can take down my
> identity. That obviously isn't a solution that will work for my friends
> and family.
>
>
>
> One other problem with listing lots of popular OPs at an RP is that a user
> will learn to rely on his OP being shown, and even if the OP doesn't go
> belly-up, if it disappears from an RP's list of logos, many users will not
> know how to log in any more and assume they're locked out.  Bad scenario.
>
>
>
> Personally, I'm uncomfortable with the idea that I'm logging in with OpenID
> in order to *avoid* a username/password and account recovery process at an
> RP, and yet that RP offers an email recovery for that account.  That feels
> insecure to me.  I want to separate my all-unlocking email address from all
> my other web accounts. If someone compromises my email address, I'd really
> rather they not gain access to all my web accounts at the same time.  So I
> don't want RPs to offer an account recovery option if I use OpenID to log
> in.  Let account recovery be an OP issue.
>
>
>
> Now if the OP goes belly-up, or locks the user out of their account for any
> random reason, what recourse does the user have?  Well, in the real world we
> have government that can help us prove our identity to various parties if we
> lose our driver's license or something.  Perhaps we need a trusted entity
> like that for the Internet. (I can already hear many of you screaming).
>
>
>
> An alternative to relying on an OP or running your own vanity URL is
> hosting your own identity on your own box.  Too complicated for the average
> Joe?  Not so much if you use InfoCard.  InfoCard elegantly puts complete
> identity control in the user's hands, and without any risk of ever having it
> revoked by someone else.  There are a couple of problems with InfoCard as it
> stands today though that I see: infocards are not *easily* transportable
> to other computers (yet), and if they are lost without a backup, they're
> gone forever and so is your access to Internet sites.
>
>
>
> Since I don't have the perfect solution for either side, DotNetOpenAuth's
> openid login popup will probably feature a couple of major OPs, an OpenID
> logo, and an InfoCard logo, allowing the user to pick what they're most
> comfortable with.
>
>
> --
> Andrew Arnott
> "I [may] not agree with what you have to say, but I'll defend to the death
> your right to say it." - Voltaire
>
>  On Wed, Apr 1, 2009 at 5:50 PM, Peter Williams <pwilliams at rapattoni.com>
> wrote:
>
> Think about the message it's sending.
>
>
>
> Who would want to put their family photos on a site they may not be able to
> access tomorrow (when some OP goes belly-up)?
>
>
>
> Surely an RP needs to assure its users that there exists the means to
> replace the OP? The dotcom bust taught us that lots of service companies do
> in fact go belly-up, in the usual boom/bust cycle.
>
>
>
> Would be strange if the UCI mission of openid facilitates data and identity
> portability, but then the failure engineering of the overall service
> means you can STILL easily lose access.
>
>
>
> Presumably, the RP might retain the user's email address(es) from the sreg
> handoff, so it can send access-recovery URLs granting the user access
> WITHOUT using any of the registered OP(s) for the account.
>
>
>
> *From:* general-bounces at openid.net [mailto:general-bounces at openid.net] *On
> Behalf Of *Andrew Arnott
> *Sent:* Wednesday, April 01, 2009 5:39 PM
> *To:* Allen Tom
> *Cc:* general
> *Subject:* Re: [OpenID] Live Icons for visual recognition of IDP logos
>
>
>
>
>
> *[Peter Williams]*
>
> whether they trust them to just not go belly-up and thereby locking out
> their users from their accounts at that RP, some trust should be implied by
> an RP listing OP logos.
>
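An added example, not code from this thread and not DotNetOpenAuth's, showing two of the three options Peter lists: a vanity XRDS that delegates to the introducing OP first and to an RP-hosted fallback OP second (OpenID 2.0 discovery honours the XRDS `priority` attribute, lower value first), with endpoint selection that skips an OP that no longer answers; and an RP account store that binds several claimed identifiers to one account and refuses to unbind the last one, since that is exactly the lockout the thread is about. The XRDS document, every hostname and the reachability probe are constructed assumptions.

```python
"""Fallback OP selection from a vanity XRDS, plus multi-OpenID account binding.

Added example, not code from the thread or from DotNetOpenAuth.  The XRDS text,
hostnames and the reachability probe below are constructed for illustration.
"""
import xml.etree.ElementTree as ET
from dataclasses import dataclass
from typing import Callable, Dict, List, Optional, Set

XRD_NS = "xri://$xrd*($v*2.0)"                      # XRD 2.0 namespace used by XRDS
SIGNON = "http://specs.openid.net/auth/2.0/signon"  # OpenID 2.0 claimed-identifier service

# Constructed XRDS for the vanity identifier https://alice.example.net/ (assumed).
# The introducing OP has the lower priority value, so it is tried first; the
# RP-hosted OP is the fallback.  LocalID is the OP-local identifier at each OP.
SAMPLE_XRDS = """<?xml version="1.0" encoding="UTF-8"?>
<xrds:XRDS xmlns:xrds="xri://$xrds" xmlns="xri://$xrd*($v*2.0)">
  <XRD>
    <Service priority="10">
      <Type>http://specs.openid.net/auth/2.0/signon</Type>
      <URI>https://op.introducer.example/server</URI>
      <LocalID>https://alice.introducer.example/</LocalID>
    </Service>
    <Service priority="20">
      <Type>http://specs.openid.net/auth/2.0/signon</Type>
      <URI>https://openid.rp.example/server</URI>
      <LocalID>https://openid.rp.example/alice</LocalID>
    </Service>
  </XRD>
</xrds:XRDS>
"""


@dataclass(frozen=True)
class Endpoint:
    op_endpoint: str            # OP endpoint URL (XRD <URI>)
    local_id: Optional[str]     # OP-local identifier (XRD <LocalID>), if delegated
    priority: int


def parse_signon_endpoints(xrds: str) -> List[Endpoint]:
    """Return the OpenID 2.0 signon services, lowest priority value first.
    Services without a priority attribute sort last, per XRI resolution rules."""
    root = ET.fromstring(xrds)
    found: List[Endpoint] = []
    for svc in root.iter(f"{{{XRD_NS}}}Service"):
        types = [t.text for t in svc.findall(f"{{{XRD_NS}}}Type")]
        if SIGNON not in types:
            continue
        uri = svc.find(f"{{{XRD_NS}}}URI")
        if uri is None or not uri.text:
            continue
        local = svc.find(f"{{{XRD_NS}}}LocalID")
        prio = svc.get("priority")
        found.append(Endpoint(
            uri.text.strip(),
            local.text.strip() if local is not None and local.text else None,
            int(prio) if prio is not None else 2**31 - 1,
        ))
    return sorted(found, key=lambda e: e.priority)


def choose_endpoint(xrds: str, reachable: Callable[[str], bool]) -> Optional[Endpoint]:
    """Pick the first OP endpoint that still answers.  The claimed identifier
    (the vanity URL) is unchanged, so the RP account bound to it survives the
    introducing OP going belly-up.  `reachable` is an assumed probe."""
    for ep in parse_signon_endpoints(xrds):
        if reachable(ep.op_endpoint):
            return ep
    return None


class AccountStore:
    """One RP account, several bound claimed identifiers (the thread's option 1)."""

    def __init__(self) -> None:
        self._by_claimed: Dict[str, str] = {}
        self._ids: Dict[str, Set[str]] = {}

    def bind(self, account: str, claimed_id: str) -> None:
        owner = self._by_claimed.get(claimed_id)
        if owner is not None and owner != account:
            raise ValueError("claimed identifier already bound to another account")
        self._by_claimed[claimed_id] = account
        self._ids.setdefault(account, set()).add(claimed_id)

    def unbind(self, account: str, claimed_id: str) -> None:
        # Never strip the last identifier: the account would become unreachable.
        if claimed_id not in self._ids.get(account, set()):
            raise KeyError("identifier not bound to this account")
        if len(self._ids[account]) == 1:
            raise ValueError("refusing to remove the last identifier on the account")
        self._ids[account].discard(claimed_id)
        del self._by_claimed[claimed_id]

    def account_for(self, claimed_id: str) -> Optional[str]:
        return self._by_claimed.get(claimed_id)
```

The fallback only helps if the RP still performs the OpenID 2.0 discovery verification on the positive assertion: the asserted OP endpoint and OP-local identifier must match the service element it actually selected for that claimed identifier, otherwise anyone who can mint an assertion for an unrelated `LocalID` could log in as the vanity URL. And, as Andrew notes above, the XRDS has to live at a domain the user controls, or the fallback disappears together with the OP.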