[OpenID] Thinking About OpenID.com

[Chris Drake]

Hi Brendon,

Some more suggestions...

6) Security - when folks have their fave provider, they're less
   vulnerable to phishing and password hijacking in other forms, not
   to mention, the providers job is to improve in this area too,
   freeing up the RP to ignore this stuff.

7) Legal responsibilities - probably not one that Providers are happy
   with, but, it's not the RPs fault if a customer account is
   plundered because of fault with the login system - freeing up the
   RP from the legal liability/responsibility of that issue (eg: the
   customer would sue the Provider, not the RP)

   Liability is probably different depending on the TOS involved, and
   the country of the customer and provider (and maybe RP) - some
   jurisdictions have laws that forbid the disclaiming of various kinds
   of liabilities.
   
Kind Regards,
Chris Drake


Thursday, March 20, 2008, 2:53:18 AM, you wrote:

BJW> +1 Snorri's comment.

BJW> I've been looking at OpenID for a client, and as I survey the OpenID
BJW> landscape it's become apparent very quickly that there's lots of
BJW> identity providers, but not a lot of relying parties. Any of the big
BJW> players seem to be staying out of that space, with the exception of
BJW> the blog platforms and open source CMS systems. Examples: AOL - only
BJW> Propeller seems to have OpenID as a login option. Yahoo! - haven't
BJW> found an OpenID login yet. All of the focus right now seems to be on
BJW> getting people to get an OpenID.

BJW> I think any discussion of how to evangelize OpenID to the general
BJW> public also requires the foundation to clearly articulate the value of
BJW> being a relying party, otherwise we risk stalled growth when users
BJW> finally decide to get an OpenID, but have nowhere to use it. JanRain
BJW> claims 8,000 relying parties, but I've seen little justification for
BJW> that number; OpenIDDirectory.com lists about 530 or so OpenID-related
BJW> sites, and 60 or so of them are identity providers. Demonstrating
BJW> value to potential relaying parties also requires showing, in no
BJW> uncertain terms, just how many people already use it.

BJW> I'd like to propose the following strawman benefits of being a relying
BJW> party for the group to eviscerate (warning: businesspeak ahead):

BJW> 1) Expedited customer acquisition: OpenID allows user to quickly and
BJW> easily complete the account creation process by eliminating entry of
BJW> commonly requested fields (email address, sex, birthdate), thus  
BJW> reducing the friction to adopt a new service.

BJW> 2) Reduced user account management costs: The primary cost for most IT
BJW> organizations is resetting forgotten authentication credentials. By
BJW> reducing the number of credentials, a user is less likely to forget
BJW> their credentials. By outsourcing the authentication process to a
BJW> third-party, the relying party can avoid those costs entirely.

BJW> 3) "Thought leadership": There is an inherent marketing value for an
BJW> organization to associate itself activities that promote it as a
BJW> thought leader. It provides an organization with the means to  
BJW> distinguish itself from its competitors. This is your chance to  
BJW> outpace your competitors.

BJW> 4) Your competitors are already doing it: Whoops! So you missed out on
BJW> number 4, so you have to do it, otherwise you're falling behind the
BJW> times. Ketchup!

BJW> 5) Simplified user experience: Logical follow on from 1 & 2. However,
BJW> it's at the end of the list because that's not the business priority.
BJW> The business priority is the benefit that results from a simplified
BJW> user experience, not the simplified user experience itself.

BJW> Thoughts?

BJW> Brendon
BJW> ---
BJW> Brendon J. Wilson
BJW> www.brendonwilson.com
BJW> _______________________________________________
BJW> general mailing list
BJW> general at openid.net
BJW> http://openid.net/mailman/listinfo/general