[OpenID] Combining Google & Yahoo user experience research
Paul Madsen
paulmadsen at rogers.com
Mon Oct 20 17:36:11 UTC 2008
Peter, how would OpenID keep the user-centric principle (which I believe
for you means allowing the user's choice for an OP trump that of RPs?)
in 'some or other form'?
It seems a binary issue, i.e. an RP either has a whitelist (implying
that the user must pick OPs from within if they want to authenticate
that route or doesnt (implying that the user is not constrained in their
OP choice)
Is there some meaningful middle ground?
For the RP to base it's decision on something more dynamic like OP
reputation is more flexible, but it still means eventually the RP will
have to say 'no' to some User when they present their OP.
paul
Peter Williams wrote:
> This is what the openid vs saml issue is really all about. If openid loses its uci roots, there is really no reason for openid to exist in my views. If it keeps uci at least in some or other strong form, its made a big difference.
>
> Saml is about banks and ttp culture.
> Openid is about people (versus people as mere "users" of such as ttp banks).
>
> Of course, both sets of bits and bytes can easily actually address the other's communities. But thats not the point.
>
> -----Original Message-----
> From: Martin Atkins <mart at degeneration.co.uk>
> Sent: Sunday, October 19, 2008 11:45 PM
>
> To be honest, I don't
> care what my bank trusts. I care what I trust.
>
> _______________________________________________
> general mailing list
> general at openid.net
> http://openid.net/mailman/listinfo/general
> _______________________________________________
> general mailing list
> general at openid.net
> http://openid.net/mailman/listinfo/general
>
>
>
--
Paul Madsen e:paulmadsen @ ntt-at.com
NTT p:613-482-0432
m:613-282-8647
aim:PaulMdsn5
web:connectid.blogspot.com
More information about the general
mailing list