[OpenID] Combining Google & Yahoo user experience research

Paul Madsen paulmadsen at rogers.com
Mon Oct 20 17:36:11 UTC 2008


Peter, how would OpenID keep the user-centric principle (which I believe 
for you means allowing the user's choice for an OP trump that of RPs?) 
in 'some or other form'?

It seems a binary issue, i.e. an RP either has a whitelist (implying 
that the user must pick OPs from within if they want to authenticate 
that route or doesnt (implying that the user is not constrained in their 
OP choice)

Is there some meaningful middle ground?

For the RP to base it's decision on something more dynamic like OP 
reputation is more flexible, but it still means eventually the RP will 
have to say 'no' to some User when they present their OP.

paul

Peter Williams wrote:
> This is what the openid vs saml issue is really all about. If openid loses its uci roots, there is really no reason for openid to exist in my views. If it keeps uci at least in some or other strong form, its made a big difference.
>
> Saml is about banks and ttp culture.
> Openid is about people (versus people as mere  "users" of such as ttp banks).
>
> Of course, both sets of bits and bytes can easily actually address the other's communities. But thats not the point.
>
> -----Original Message-----
> From: Martin Atkins <mart at degeneration.co.uk>
> Sent: Sunday, October 19, 2008 11:45 PM
>
> To be honest, I don't
> care what my bank trusts. I care what I trust.
>
> _______________________________________________
> general mailing list
> general at openid.net
> http://openid.net/mailman/listinfo/general
> _______________________________________________
> general mailing list
> general at openid.net
> http://openid.net/mailman/listinfo/general
>
>
>   

-- 
Paul Madsen             e:paulmadsen @ ntt-at.com
NTT                     p:613-482-0432
                        m:613-282-8647
                        aim:PaulMdsn5
                        web:connectid.blogspot.com 




More information about the general mailing list