[OpenID] Facebook Cooperation with German Email Providers?

Peter Williams pwilliams at rapattoni.com
Wed Aug 26 00:18:44 UTC 2009 

Should be easily proxiable, since openid's foreground post/get has no endend countermeasures.




On Aug 25, 2009, at 3:18 PM, "Luke Shepard" <lshepard at facebook.com<mailto:lshepard at facebook.com>> wrote:

Thanks Steven – that’s exactly right. We’ve been looking for ways to incorporate OpenID that supports our core business.

Now, users of GMX.de<http://GMX.de> or Web.de<http://Web.de> can easily jump-start Facebook registration with a verified email address using the OpenID protocol – or, if they already have a Facebook account, they can just link the two to allow for automatic login (when they are logged into GMX, they are automatically logged into Facebook).

To address some of the earlier questions on the thread:

> Are Web.de/GMX<http://Web.de/GMX> and Facebook using any vendor specific APIs or extensions?

There are no vendor specific APIs or extensions – we are using off-the-shelf OpenID. The automatic login uses checkid_immediate, and the verified email is passed using Attribute Exchange. In fact, it’s the same code path as Gmail. The standard has been pretty great :)

> However users had to provide usernames and passwords -> password anti-pattern.

If the user already has a Facebook account, then they are given the option to link that account instead of creating a new one. But in no circumstances does the user enter their Facebook password anywhere but Facebook. We are using OpenID to avoid the password anti-pattern.

> Chris: What is Open IP?

A creative new form of typo? :-P

If you have a web.de<http://web.de> account and you try it out, let me know if you have feedback.

- Luke


On 8/25/09 12:22 PM, "Steven Livingstone Pérez" <<weblivz at hotmail.com>weblivz at hotmail.com<mailto:weblivz at hotmail.com>> wrote:

It's a small but significant step forward.

Business-wise they'd never get the go ahead to just release OpenID to the wild.

Moving in the right direction tho'.

steven
<http://livz.org>http://livz.org

________________________________
From: <pwilliams at rapattoni.com> pwilliams at rapattoni.com<mailto:pwilliams at rapattoni.com>
To: <sccpffm at gmail.com> sccpffm at gmail.com<mailto:sccpffm at gmail.com>; <openid-general at lists.openid.net> openid-general at lists.openid.net<mailto:openid-general at lists.openid.net>
Date: Tue, 25 Aug 2009 11:46:22 -0700
Subject: Re: [OpenID] Facebook Cooperation with German Email Providers?



That is the question that many analysts are now asking; now there is something to bother asking about.



Is openid a movement that simply defined some bit of technology from which vendors build private authentication networks?



Or is openid an open standard that requires no vendor-vendor setup to let users interwork?



There are two things to measure: what the foundation says, and what one can measure as praxis of the larger corporate players.



From: <openid-general-bounces at lists.openid.net> openid-general-bounces at lists.openid.net<mailto:openid-general-bounces at lists.openid.net> [<mailto:openid-general-bounces at lists.openid.net>mailto:openid-general-bounces at lists.openid.net] On Behalf Of Carsten Pötter
Sent: Tuesday, August 25, 2009 11:15 AM
To: <openid-general at lists.openid.net> openid-general at lists.openid.net<mailto:openid-general at lists.openid.net>
Subject: [OpenID] Facebook Cooperation with German Email Providers?



Yesterday German email providers Web.de<http://Web.de> and GMX released a press release stating that their users will be able to log in to Facebook using OpenID (<http://faz-community.faz.net/blogs/netzkonom/archive/2009/08/24/facebook-chooses-german-e-mail-provider-web-de-and-gmx-as-first-open-id-partner-in-europe.aspx>http://faz-community.faz.net/blogs/netzkonom/archive/2009/08/24/facebook-chooses-german-e-mail-provider-web-de-and-gmx-as-first-open-id-partner-in-europe.aspx). Both email providers are subsidiaries of United Internet and dominate the German email market.



So far both providers offered users a "navigator" to log in to various social networks, online merchants,... However users had to provide usernames and passwords -> password anti-pattern. If I got things right, both providers have to become OpenID Providers now. Though why is there an explicit cooperation with Facebook?



Is Facebook eventually accepting OpenIDs?

Are Web.de/GMX<http://Web.de/GMX> and Facebook using any vendor specific APIs or extensions?



Anyone from Facebook here who can shed some light on the topic? Thanks!



Carsten

________________________________
With Windows Live, you can organize, edit, and share your photos. Click here. <<http://www.windowslive.com/Desktop/PhotoGallery>http://www.windowslive.com/Desktop/PhotoGallery>
_______________________________________________
general mailing list
general at lists.openid.net<mailto:general at lists.openid.net>
http://lists.openid.net/mailman/listinfo/openid-general

More information about the general mailing list