[OpenID] Thinking About OpenID.com
Snorri
snorri at snorri.eu
Fri Mar 21 09:32:40 UTC 2008
In fact, it’s between 41 and 49% ! = it’s enormous!
Translation (by Google not by me :) “41% of respondents believe the forms
are too long, one surfer in 4 said they do not know them identify their
mistakes, and so on. In other words, the first improvement to limit the
outflow of road, would be able to provide forms clearer, more educational
content on the expected and possible mistakes to be corrected, or even
digging tracks other innovative solutions limiting those time seizures.”
The two companies are realized this interesting study in several countries
http://www.opinion-way.com/english/index.php and
http://www.valtech.us/us/index.html
Maybe you can contact them and ask them this study
Regards
-Snorri
De : Nat Sakimura [mailto:sakimura at gmail.com]
Envoyé : vendredi 21 mars 2008 08:07
À : Snorri
Cc : Eddy Nigg (StartCom Ltd.); Peter Williams; Brendon J. Wilson;
general at openid.net
Objet : Re: [OpenID] Thinking About OpenID.com
Snorri:
Could you kindly point me to the source of the +40% (French study) internet
user close?
If any other people has similar kind of statistics, it is very helpful for
the community to share.
This is a very powerful tool to persuade the potential RPs. If we can show
that OpenID will improve the conversion rate, they will start pouring money
on it.
Nat
2008/3/21, Snorri <snorri at snorri.eu>:
The best would be to resume the "benefits for the RPs" in 10/12 short points
with a Marketing/Business language but "neutral" = no subjective
ð http://www.openideurope.eu/openid/relying-party/
I would like to add:
- The possibility of having databases always updated (depends on the
implementation) with the last information of end users, e.g.: My last
address if I move
- Reduce deaths user accounts; Often users test only once a site but with
his OP
he can remember that he had already an Return to this site
- +40% (French study) internet user close a site because there are a form,
OpenID can increase the rate of transformation of a prospect to become a
customer
Thoughts? (improve my words :)
Thank for your participation
-Snorri
De : general-bounces at openid.net [mailto:general-bounces at openid.net] De la
part de Eddy Nigg (StartCom Ltd.)
Envoyé : jeudi 20 mars 2008 18:20
À : Peter Williams
Cc : general at openid.net
Objet : Re: [OpenID] Thinking About OpenID.com
+1
--
Regards
Signer:
Eddy Nigg, StartCom Ltd. <http://www.startcom.org>
Jabber:
startcom at startcom.org
Blog:
Join the Revolution! <http://blog.startcom.org>
Phone:
+1.213.341.0390
Peter Williams:
Point 6 is very subjective, judged using the following (subjective)
criteria.
10+ years of evidence has shown that consumers are unwilling or unable to
handle self-signed cert root key download events, being unable or unwilling
to evaluate the trust providers who assurance underpin the delivery of SSL
security services. This is likely to extend to the world of https openids, a
type of openid that our trade association is apparently promoting as a "best
practice" (a material, legal event, note). Its not clear that consumer will
be suddenly be able to now determine which providers are capable of
providing anti-phishing protection.
Point 7 is perhaps ill advised as a basic rationale for openid adoption by
RPs.
Relying parties are inevitably liable for the circumstances of their act of
reliance on any (security) assertion made by a third party, says this
non-lawyer. Having admitted an openid to be used to impersonate a subscribed
user, and upon relying upon a UCI-grade OP's assertion, the RP will surely
continue to have the full panoply of legal obligations.
Assume for example, that the RP (e.g. "plaxo") is operating in the state of
California. Assume also that the RP has account linked one or more of a
CONSUMER's openids to a single "plaxo" for-fee account (that is subscribed
to be in good standing), where we note that "plaxo" is in the normal,
_dominant_ business-to-consumer legal relationship with the subscriber, as
assessed under CA criteria. Assume now that the OP involved in the account
linking is just 1 of several UCI-grade OPs bound by "plaxo" - upon one or
more constructive acts of reliance involving cert messages and openid auth
messages - to this and other subscriber accounts. Assume furthermore that
"plaxo" is relying upon one or more OPs with whom it has no agreements
governing the act of reliance. Lets assert now that it is now common public
knowledge that a given OP has engaged in an improper act, leading to the
situation that there is a "high level of risk" that Personal data of a
"plaxo" subscriber has been compromised. We could ask Plaxo's general
counsel to volunteer legal advice on a hypothetical: would s/he now feel
legally obligated under CA law to issue n written letters by US post to all
"affected" _subscribers_, warning them of the generalized exposure? If so,
how would one enumerate those who are "affected" in the case of UCI-grade
openid?
_____
From: Chris Drake
Sent: Thu 3/20/2008 3:34 AM
To: Brendon J. Wilson
Cc: general at openid.net
Subject: Re: [OpenID] Thinking About OpenID.com
Hi Brendon,
Some more suggestions...
6) Security - when folks have their fave provider, they're less
vulnerable to phishing and password hijacking in other forms, not
to mention, the providers job is to improve in this area too,
freeing up the RP to ignore this stuff.
7) Legal responsibilities - probably not one that Providers are happy
with, but, it's not the RPs fault if a customer account is
plundered because of fault with the login system - freeing up the
RP from the legal liability/responsibility of that issue (eg: the
customer would sue the Provider, not the RP)
Liability is probably different depending on the TOS involved, and
the country of the customer and provider (and maybe RP) - some
jurisdictions have laws that forbid the disclaiming of various kinds
of liabilities.
Kind Regards,
Chris Drake
Thursday, March 20, 2008, 2:53:18 AM, you wrote:
BJW> +1 Snorri's comment.
BJW> I've been looking at OpenID for a client, and as I survey the OpenID
BJW> landscape it's become apparent very quickly that there's lots of
BJW> identity providers, but not a lot of relying parties. Any of the big
BJW> players seem to be staying out of that space, with the exception of
BJW> the blog platforms and open source CMS systems. Examples: AOL - only
BJW> Propeller seems to have OpenID as a login option. Yahoo! - haven't
BJW> found an OpenID login yet. All of the focus right now seems to be on
BJW> getting people to get an OpenID.
BJW> I think any discussion of how to evangelize OpenID to the general
BJW> public also requires the foundation to clearly articulate the value of
BJW> being a relying party, otherwise we risk stalled growth when users
BJW> finally decide to get an OpenID, but have nowhere to use it. JanRain
BJW> claims 8,000 relying parties, but I've seen little justification for
BJW> that number; OpenIDDirectory.com lists about 530 or so OpenID-related
BJW> sites, and 60 or so of them are identity providers. Demonstrating
BJW> value to potential relaying parties also requires showing, in no
BJW> uncertain terms, just how many people already use it.
BJW> I'd like to propose the following strawman benefits of being a relying
BJW> party for the group to eviscerate (warning: businesspeak ahead):
BJW> 1) Expedited customer acquisition: OpenID allows user to quickly and
BJW> easily complete the account creation process by eliminating entry of
BJW> commonly requested fields (email address, sex, birthdate), thus
BJW> reducing the friction to adopt a new service.
BJW> 2) Reduced user account management costs: The primary cost for most IT
BJW> organizations is resetting forgotten authentication credentials. By
BJW> reducing the number of credentials, a user is less likely to forget
BJW> their credentials. By outsourcing the authentication process to a
BJW> third-party, the relying party can avoid those costs entirely.
BJW> 3) "Thought leadership": There is an inherent marketing value for an
BJW> organization to associate itself activities that promote it as a
BJW> thought leader. It provides an organization with the means to
BJW> distinguish itself from its competitors. This is your chance to
BJW> outpace your competitors.
BJW> 4) Your competitors are already doing it: Whoops! So you missed out on
BJW> number 4, so you have to do it, otherwise you're falling behind the
BJW> times. Ketchup!
BJW> 5) Simplified user experience: Logical follow on from 1 & 2. However,
BJW> it's at the end of the list because that's not the business priority.
BJW> The business priority is the benefit that results from a simplified
BJW> user experience, not the simplified user experience itself.
BJW> Thoughts?
BJW> Brendon
BJW> ---
BJW> Brendon J. Wilson
BJW> www.brendonwilson.com
BJW> _______________________________________________
BJW> general mailing list
BJW> general at openid.net
BJW> http://openid.net/mailman/listinfo/general
_______________________________________________
general mailing list
general at openid.net
http://openid.net/mailman/listinfo/general
_____
_______________________________________________
general mailing list
general at openid.net
http://openid.net/mailman/listinfo/general
_______________________________________________
general mailing list
general at openid.net
http://openid.net/mailman/listinfo/general
--
Nat Sakimura (=nat)
http://www.sakimura.org/en/
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-general/attachments/20080321/89a8c881/attachment-0002.htm>
More information about the general
mailing list