[OpenID] Fwd: Excellent critique of OpenID usability

Joseph Holsten joseph at josephholsten.com
Sun Aug 19 23:30:19 UTC 2007 

On Aug 18, 2007, at 6:48 PM, Ben Bangert wrote:

> On Aug 17, 2007, at 2:16 PM, Gabe Wachob wrote:
>
>> I see these complaints about OpenID.net not being understandable  
>> to end users and I totally agree with that assessment. But that  
>> was never the goal, and I think simply slapping up a list of  
>> openid providers would be inadequate.
>>
> While the thought of telling people to do a Google search for  
> "openid providers" (as Tom's draft document mentions) sounds  
> somewhat good, I think it'd be a pretty horrid user experience  
> compared to just having a list of "the big" providers. Consider the  
> vast amount of non-openid provider links that could appear at the  
> top depending on what article/blog posting/feed/site has the best  
> google rank for the week. It could take them awhile to find an  
> actual openid provider to use.
>
> Right now when I do a google search, about 1/2th the links are  
> openid provider related (development, news, feeds), while the other  
> half appear to be actual openid providers. I would not want to put  
> the burden of sorting that out to an end-user like my parents.
Well, I'm trying to populate this:
http://jyte.com/site/search?q=best+openid+provider

But some people think it's stupid
http://jyte.com/cl/josephholsten.com-is-the-new-fxseminar.myopenid.com
>> OpenID is a protocol, not an service offering or even a technology  
>> that a user can use directly. Hence, I don’t see why (as OpenID,  
>> the protocol) should be marketed or even explained to end-users,  
>> IMHO. W3C doesn’t market HTTP to end users, it markets the web (to  
>> the extent it markets to end users at all). This is like promoting  
>> the web by putting up links to web servers and web hosting companies.
>>
> This analogy is rather flawed. OpenID is not *just* a protocol, its  
> an entire brand for a different way of sign-in. I can tell you to  
> go to a website without saying "HTTP" (mainly cause users rarely  
> have to type it), but you cannot ask me to login using OpenID,  
> without saying "OpenID". Unless the marketing list is considering  
> changing the name so that you can say, "Signin with your  
> howzadunit" of course. Regardless, they will *have* to call it  
> something, and whatever that something is, should have a website  
> that explains what it is to end users. As long as end-users are  
> asked to sign-in with "OpenID", and the first google result for  
> OpenID is openid.net, then openid.net should expect its primary  
> audience will be end-users (once it becomes truly popular).
That's almost true today. But you didn't use to be able to specify  
your email was smtp without SMTP. Of course, you could always say to  
use your iname or lid or (perhaps?) sxip identity. We're not calling  
them Yadis identfiers, or XRDS locators, but those are just as  
appropriate.
>> Right now, I’m simply not all that concerned about end-users not  
>> understanding openid.net – it was never intended for them, any  
>> more than RFC 2616 was intended for users of the web. I think  
>> openid RPs and OPs need to describe to their own users what the  
>> experience is going to be at *their site* - the bottom line is  
>> that the user experience for each RP & OP can vary quite a bit –  
>> compare, for example, the user experience on Jyte vs. the user  
>> experience on Technorati.
>>
> As soon as websites say "Sign-in with OpenID", then the OpenID name  
> is meant for end-users. If all the websites said, "You must visit  
> this using RFC 2616" then a website about RFC 2616 should expect  
> primarily end-users should it be popular.
>
> So rather than digging through the marketing list, I don't suppose  
> someone can just clarify whether OpenID shall still be presented to  
> users as a "Login with OpenID" type text? If so, then unless we're  
> assuming there's more OpenID developers than end-users, we should  
> assume end-users will be the primary audience of openid.net; which  
> means that the critique about openid.net not having useful  
> information for users is spot-on.
I completely agree. We need a more narrow term than digital identity,  
but which includes lids, infocards, and everything else that wants to  
work with openid.
But that's not the problem we are here to solve. OpenID.net is about  
the OpenID authentication, service discovery, attribute exchange, &c  
protocols. Perhaps a link to providers is warrented, but it is not  
supposed to be a place for end users to find everything they can do  
with openid.
>> So, coming around to the topic, I think it would be useful for the  
>> user’s perspective to put together a good presentation/document/ 
>> wiki page(s) on user-centric identity (as opposed to a multitude  
>> of username/passwords) and how OpenID fits into this space – I’m  
>> sure there’s something good out there to start with (or just use)?
>>
> I think Tom's document is so far excellent, but I really think it  
> needs a list of some OpenID providers for the users who don't want  
> to have to do a bunch of Google searching just to sign-in. And as  
> long as we ask people to sign-in with OpenID, openid.net needs to  
> be ready for what the majority of the traffic will be.... end-users.
I think a jyte search would be more appropriately describe the  
community, but whatever list it might be, it ought not be static.

But openid.net isn't for end-users now, and shouldn't be in the  
future. If you think there is a need for an end user site, build it,  
find supporters, and work your way up the google ranks.

http://josephholsten.com
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-general/attachments/20070819/b171d2c5/attachment.htm>

More information about the general mailing list