[OpenID] Relying Party Best Practices

Thomas Huhn thomas.huhn at gmail.com
Thu Mar 8 09:51:18 UTC 2007 

Thanks Martin for pointing to this issue again. The editors at
http://openiddirectory.com (OIDD) really have to face a lot of
"implementations in the wild" these days. And more than once we stretch our
own principles in favor of having one more site supporting OpenID to join
the community.

I agree on the basics you´ve been putting on the wiki, but I think the
implementation of OpenID goes hand in hand with the user interface. E.g. on
a lot of implementations on wordpress blogs you are redirected to the
dashboard after login and see a lot of information that should be private to
the admin.

Another example: A lot of wikis treat OpenID users as second class citizens
by almost hiding the login screen and giving it a different URL from the
standard login form. Sometimes you have to click through 3 pages to find the
OpenID login.

Other ones are confusing the user by presenting him screens with OpenID
login, name, email and comment field. This is not making clear that you can
use EITHER OpenID OR email / name. Sadly this is standard on wordpress blogs
until now (Verselogic plugin). It even gets more worse if comments are
moderated and you don´t get a hint that something happened after hitting the
submit button. An inexperienced user will wonder if he has only logged in
now and has to write his comment again. Different implementations are
causing a lot of confusion out there.

Even if this better belongs to the User Experience mailinglist I´m wondering
if we can have some basic principles for the UI on this wikipage to. We
would be more than glad if we could reference RPs to this page when they are
not conform with at least the basic best practices and otherwise reject
their submission to the OIDD.

Thomas

-- 
Solution Media GmbH
Eugen-Hertel-Strasse 20
DE-67657 Kaiserslautern
Germany

Email info at solution-media.de
Web www.solution-media.de
Phone +49 (180) 566 323 800 193
Fax +49 (180) 566 323 800 256
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-general/attachments/20070308/b8198a03/attachment-0001.htm>

More information about the general mailing list