[OpenID] OpenID based on email addresses... Just Works!

Thu Oct 30 16:42:59 UTC 2008

On Thu, Oct 30, 2008 at 4:30 PM, Martin Atkins <mart at degeneration.co.uk>wrote:

> David Fuelling wrote:
>
>>
>>    That sounds more like an argument for you to use
>>    http://sappenin.com/ as your identifier instead of an email address.
>>
>>    If you want to use a HTTP URL for your identifier, just enter that
>>    URL into the RP directly!
>>
>>
>> For me, an internet-savvy, genius technology person (tongue-in-cheek),
>> you're right.  I know what it means to use the URL, and I do.  However, my
>> grandmother, who's a little bit less tech-savvy (she still calls the
>> Internet "email"), she has no idea that she should be using a URL, let alone
>> what the distinction is.  We need to be thinking about these people, and
>> about their future freedoms.  Like it or not, people are going to be using
>> email addresses as their primary identifier -- as the designers of this
>> stuff, we need to plan ahead and add flexibility for them ahead of time.
>>
>>
> Okay, but I'm not clear how you imagine your grandmother using this. Who
> sets up the URL mapping for her? Where does it map to? I assume from your
> description that your grandmother doesn't own her own domain, so all you're
> doing is pushing the problem a level deeper. How does she wrest control from
> the provider of the domain her URL is under?
>
>
>
So my grandma has a yahoo.com email address (she doesn't really, but for the
sake of illustration).  She types 'grandma at yahoo.com' into an RP, and in
2008, she'll use Yahoo.com as her OP.  But in 2009 (hypothetically), Yahoo
introduces the ability to "link" your email address to any OpenID of your
choosing.  They setup a control panel to facilitate this, etc.  My grandma,
being not that sophisticated, will likely continue using Yahoo.  But me --
I'll be able to now link my yahoo.com email address to my
sappenin.comOpenID.  In 2012 (assume my grandma is kind of young), I
go over to her
house and say, "Grandma, did you know that if you start using Google.com as
your Identity Provider, they'll pay you $1 every time you login to a site,
because they're Google and they can do that sort of thing?".  My grandma
will say something like, "Wow, I use the computer a lot, and that will
subsidize my social security -- Thanks Google!".  And oh, by the way, since
it's 2012, Google has an automated system to do all of this for my Grandma,
so she doesn't even need my help to let Google subsidize her social
security.   She simply switches over her OpenID email mapping/Delegation
information.....but retains her email yahoo email address as her "login
mechanism".

The example is highly contrived (except for the Google Social Security
Initiative that I accidentally announced [Sorry Google, didn't mean to
pre-announce that!]), but the principles are valid.

The key point is not really "how" or "who", but merely the fact that it's
possible.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-general/attachments/20081030/bbeff989/attachment-0002.htm>