[OpenID] Rule of thumb

[Mark Atwood]

Evan Prodromou <evan at prodromou.name> writes:
> OpenID has much to offer these communities, and twisting it from an
> authentication protocol to a profile verification protocol is unhealthy.

I have to agree here.

What I am seeing in the various proposals about building a profile
verification protocol aka "verified attribute protocol" is that it
causes an explosion in complexity, both in conceptualization, in
actual implementations, and then in selling the thing to both users
and id consumers.

Distributed attribute-verification is an Interesting Problem, and
solving it would be Useful.

But, at best, OpenID's role it it should be at most to provide a
format-TBD and semanic-TDB discovery URI for it/them.

What I am perceiving right now is that some people (and I have to
confess, I am very nearly one of them) who have probably correctly
perceived how important a widespread distributed attribute
verification protocol will be are attempting to piggyback onto OpenID
as a current newest Last Best Hope for getting one deployed.

This is a Mistake, and if this path is aggressively pursued, it will
likely severely delay both the spread of distributed "id" and the
spread distributed verified attribute mechanisms.


-- 
Mark Atwood                 When you do things right, people won't be sure
me at mark.atwood.name         you've done anything at all.
http://mark.atwood.name/   http://fallenpegasus.livejournal.com/