[OpenID] For the nominees

Allen Tom atom at yahoo-inc.com
Fri Dec 5 01:22:02 UTC 2008 

Eddy Nigg (StartCom Ltd.) wrote:
>
>    1. Adoption of OpenID by relying parties isn't on-par with the
>       amount of providers available. How would you improve that ratio?
>
OpenID has plenty of room for improvement, both from the User Experience 
side of things, and also for RPs trying to consume OpenIDs. We must 
streamline the Sign-in experience, and also make accepting OpenID as 
easy and painless as possible for RPs.

I've been helping to move the conversation forward by actively reaching 
out to potential RPs, the community, as well as to my peers at the other 
large Identity Providers. On behalf of the community, I worked behind 
the scenes at Yahoo to publicly release the results of our OpenID 
usability research, which usually would be considered highly 
proprietary. I also hosted the first OpenID UX summit, with a lot of 
help from Eric Sachs and Max Engel.

I believe that we are making a lot of progress towards improving OpenID 
and expect that 2009 will be the breakout year.

>    1. What is it that should be done in order to have big providers
>       like Google, Yahoo!, Microsoft rely on other operators?
>
I've always thought that it's more far interesting for Yahoo to be a 
Relying Party than to be an OP. If you'd like to see Yahoo start 
accepting OpenID, please vote for me. Having a seat on the Board will 
give me more credibility within Yahoo to help make the case for 
accepting OpenID.


>    1. Do you think that a trust relationship framework should be
>       created, similar to PKI auditing (or any other/similar idea) in
>       order to allow relying parties easily trust on other operators?
>       Or what would you suggest instead?
>
Echoing Eric's response, none of the potential large RPs that we've 
talked to have asked for an automated trust framework. Instead, the RPs 
seem mostly concerned about the overall user experience and the quality 
of the data that is shared with them.  Speaking as a potential RP, I 
would be most concerned about the overall reliability of the OP, and I 
would want a way to authenticate my users independently of the OP in the 
event that the OP becomes either unreliable or undesirable.

>    1. Do you think that instead of hiring an executive director, the
>       load of the different tasks could be shifted to a small group of
>       different persons instead (foundation management)?
>
I'd definitely like to see the ED act as the formal OpenID 
spokesperson/evangelist. Perhaps a better ROI could be had by hiring a 
few evangelists.

Allen

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-general/attachments/20081204/09aa12fe/attachment-0002.htm>

More information about the general mailing list