[OpenID] New OpenID Customer Research Activity - Google research on federated login

[Scott Kveton]

> Decoupling email from OpenID identity is desirable from a privacy point of
> view in addition to being significantly more flexible.

>From a technical perspective, absolutely.  However, in practice, users
are still using their email address as an identifier and as much as we
might not like it, that's what's happening.

> At Sxip we built a prototype for creating a SAML assertion of a verified
> email address. We used AX to store and request the verified email, and
> demoed this at an IIW over a year ago.

Based on the feedback from the Content Provider meeting in NYC, it was
clear that people are looking for solutions and not a bunch of
technology for what the market and usability studies are showing to be
edge cases.

Sign the user in quickly, provide basic profile information to the
site and don't confuse the user.  If you have to explain privacy,
OpenID, URL's, implications on global warming, etc then we've failed.

- Scott