[OpenID board] [SPAM] GCN (Government Computer News) covers OpenID
Chris Messina
chris.messina at gmail.com
Mon Sep 28 20:35:28 UTC 2009
Thanks Joab,
Completely understood. I for one think that your simplification probably
assisted your readers, but I'm not sure I have the full support of the
Information Card foundation in that perspective. ;)
The more the merrier, but it's true — this is a very complicated story to
tell beyond the "it's kind of like the sign in with Facebook" experience —
and yet so, so not. Thanks for taking the first stab — otherwise a rather
complete telling of the story so far.
Chris
On Mon, Sep 28, 2009 at 9:33 PM, Joab Jackson <home at joabj.com> wrote:
> Genetlemen,
>
> Hello! This is the author of the story, Joab. Thanks for the CC'ing me--I
> will indeed make these clarifications and corrcections to th online version
> of the article.
>
> I deliberately kept the Information Card out of this article if only to
> simplify the explanation of OpenID as much as possible. I think with many of
> our readers, we are starting at ground zero at explaining this concept. So,
> for better or worse, I was simplifying. I do plan on writing a separate blog
> entry explaining the Information Card in detail, however...
>
> joab
>
>
>
> Chris Messina wrote:
>
>> The article is here:
>>
>>
>> http://gcn.com/articles/2009/09/28/openid-authentication-for-federal-web-sites.aspx
>>
>> Unfortunately, it suffers from a number of inaccuracies or misleading
>> statements, which may warrant a simple blog post welcoming this
>> review, but highlighting some clarifications:
>>
>> "OpenID is fundamentally a way you can use your browser to
>> authenticate to a Web site by using a third-party identity provider,"
>> said Drummond Reed, one of the founding board members of the OpenID
>> Foundation, which oversees OpenID.
>>
>>
>>
>>> Drummond was indeed a founding member of the OIDF, but this quote makes
>>>> it sound like he's speaking on behalf of the OIDF board, which I don't think
>>>> was his intention...
>>>>
>>>>
>>>
>>
>> "For users, the chief appeal of OpenID is that it could provide a
>> single name and password combination for a wide variety of sites."
>>
>>
>>
>>> This kind of language concerns me — and I've recently heard feedback that
>>>> the government will be able to "get your Facebook password" if you use
>>>> OpenID on a government site... while the convenience of this statement is
>>>> not to be ignored, it should be clarified that one's password is NEVER
>>>> shared with an OpenID consumer/relying party (or the government!).
>>>>
>>>>
>>>
>>
>> "The list of consumer Web sites that accept OpenID as credentials is
>> growing, even if they lean toward the geeky side: Slashdot, Facebook,
>> Google, Technorati, LiveJournal and Yahoo. "
>>
>>
>>
>>> Google, Yahoo and Technorati do not accept OpenID credentials, AFAIK.
>>>> They provide them, but do not accept them.
>>>>
>>>>
>>>
>>
>> "The OpenID Foundation says more than 27,000 sites use the protocol,
>> although actual use on the part of the Web populace remains an open
>> question: One Internet service, called WetPaint, dropped support for
>> OpenID, noting that of its 1 million registered users, only 200 logged
>> on with OpenID accounts. Other sites, such as Facebook and Google,
>> hide their OpenID log-on pages."
>>
>>
>>
>>> As of July, according to Janrain, it looks like we're closer to 50K
>>>> relying parties:
>>>>
>>>>
>>>
>> http://blog.janrain.com/2009/07/relying-party-stats-as-of-july-1-2009.html
>>
>> And, while it's true that Wetpaint removed OpenID from their site, I
>> can personally attest to how AWFUL their implementation was:
>>
>> http://www.flickr.com/photos/factoryjoe/2478951850/
>>
>> Also, Google doesn't so much as hide their OpenID logon pages as they
>> don't support it (unless we're talking about Google Apps for your
>> Domain?
>>
>>
>> "A Web site that uses OpenID credentials assumes only that any OpenID
>> provider is supplying verification that a person wishing to register
>> under a certain account knows the password of that account, the OpenID
>> Foundation’s Reed said. "
>>
>>
>>
>>> Once again, it would appear that Drummond is speaking on behalf of the
>>>> OpenID Foundation.
>>>>
>>>>
>>>
>> Otherwise, it's a pretty good article.
>>
>> Chris
>>
>>
>>
>>
>
>
--
Chris Messina
Open Web Advocate
Personal: http://factoryjoe.com
Follow me on Twitter: http://twitter.com/chrismessina
Citizen Agency: http://citizenagency.com
Diso Project: http://diso-project.org
OpenID Foundation: http://openid.net
This email is: [ ] shareable [X] ask first [ ] private
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-board/attachments/20090928/352599bb/attachment.htm>
More information about the board
mailing list