[OpenID] Can we make a seamless OpenID mobile experience?
pwilliams at rapattoni.com
Mon Apr 13 15:43:40 UTC 2009
I wish Openid would join Concordia (and not just as a bit of marketing to "appear" cooperative). Then, the "community" addressing the same problems would be much stronger, and less divided.
From: general-bounces at openid.net [mailto:general-bounces at openid.net] On Behalf Of Luke Shepard
Sent: Monday, April 13, 2009 8:37 AM
To: Nat Sakimura; Allen Tom
Cc: general at openid.net
Subject: Re: [OpenID] Can we make a seamless OpenID mobile experience?
Many providers use email/password or username/password, but not all, and in fact OAuth and OpenID were built explicitly to not require passwords, which is great. Allen raises a great point, too - one of the scenarios enabled by OpenID is delegating through multiple authorities - i.e,. I use my Google OpenID to log in to, say, Yahoo, and then I use that to authorize Flickr photos to a photo printing service. With the chain of redirects in a browser, this is doable, but how do you manage that chain of responsibility without a browser?
I don't have an answer - doing it in a distributed way is really hard, which is why the community has basically punted on it. I just want to raise that it is a real problem, and if the open protocols always require a one-size-fits-all "stick it in a browser", then they will always be at a competitive disadvantage to systems that do enable login to devices without browsers. So it is in the interests of the community to brainstorm a solution to this problem.
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the general