[OpenID] New OpenID Customer Research Activity - Google research on federated login

[Peter Williams]

Didnt ping do this ( in the saml world )? and deploy it?

>From email domain, form url, pick up saml metadata and import it. Or do the same with openid xrds metadata, doing the same thing (unsigned xrds stream, tho).

Be nice if saml and openid could do this in common, here. Openid for fly by night nofuss web2.0 registrations, and saml for anything with formal privacy obligation passing between the parties.

-----Original Message-----
From: Dick Hardt <dick.hardt at gmail.com>
Sent: Thursday, September 25, 2008 9:20 AM
To: Eric Sachs <esachs at google.com>
Cc: general at openid.net <general at openid.net>
Subject: Re: [OpenID] New OpenID Customer Research Activity - Google    research on federated login


On 25-Sep-08, at 6:57 AM, Eric Sachs wrote:
>
> I believe this idea has come up in some of the past discussions
> about defining a mapping of an E-mail address to an OpenID URL.  If
> we standardized that, then an RP could do discovery on that E-mail
> mapped URL which would be hosted by the E-mail provider, but then
> the E-mail provider could allow the owner of that E-mail to specify
> a different OP (or maybe multiple OPs) which they trust to assert
> their E-mail address.  I was not part of those discussions, but
> maybe someone else can jump in to confirm whether I described that
> accurately.

I'm hoping we can get a permanent page up somewhere that explains why
email as an OpenID identity is a bad idea so that I don't have to keep
killing this train of thought.

While I can see the UX advantage of a new user being able to type in
their email address so that you can do discovery -- it creates more
problems than it solves.

I'm swamped right now, but should have a chance shortly to articulate
my thoughts for anyone that is interested.

-- Dick
_______________________________________________
general mailing list
general at openid.net
http://openid.net/mailman/listinfo/general