[OpenID] Problems with delegation and directed identity OPs
Deron Meranda
deron.meranda at gmail.com
Thu Nov 6 18:52:38 UTC 2008
On Thu, Nov 6, 2008 at 1:22 PM, Martin Atkins <mart at degeneration.co.uk> wrote:
> Deron Meranda wrote:
>> And, just from curiosity, why are the randomly generated URIs
>> (both Google and Yahoo!) so long? ...
>
> If I recall correctly, in Yahoo!'s case it's the output of some standard
> hashing function ...
Maybe, although neither appear to be obviously base64 or hex encoded
or anything. If they are random they both appear to contain over
2^214 bits of entropy, which is way more than most hash functions.
It almost looks like they are encoding information in them rather than
being information free.
But it's not really important; they are perfectly good URIs, and OPs
can generate them any way they want to.
The only thing I see is that the long random alphanumeric strings look
like garbage output to humans. I bet that they might scare someone who
wasn't technical. And usability is already enough of a concern with OpenID
that we shouldn't be scaring users with additional unnecessary "line noise".
Which of these looks more friendly and which looks like your computer
just caught a virus?
https://me.yahoo.com/a/G.4lhbJZk1D-YjBwLCJPM93tC.azJxe7YumU
or
https://me.yahoo.com/identity/6881-4038-2478
To be fair, although Google's look just as ugly, they don't show them
to the user.
--
Deron Meranda
More information about the general
mailing list