[OpenID] Windows Live ID OpenID CTP Status Update (August 2009)

John Bradley john.bradley at wingaa.com
Sat Aug 29 12:46:12 UTC 2009


The term "Directed Identity"  is slightly vague.

The openID 2.0 spec added support for "Identifier Select".

It allows:
a) The User to identify who they are at their OP rather than the RP.
b) The User to select alternate persona at the OP to use at different  
RP.

I think most people agree that login buttons have caught on.

Though ironically if the number of OP increase we have just reinvented  
the SAML "Where Am I From" problem, that openID identifiers were  
intended to solve in the first place.

The second use hasn't seen a sufficiently good UI developed that users  
can take advantage of it.

We are also lacking a good UI for users to control their attributes.

This is also causing OP to streamline their interfaces to remove the  
ability to deselect returning attributes the RP has asked for.

The trend is towards the Google approach of using a "Pairwise" openID  
identifier and giving the user a yes/no choice for logging in with the  
attributes the RP has requested as required.

It isn't especially surprising that as a community we designed more  
features and flexibility than the public at large is initially  
interested in.

Personally with Pairwise identifiers becoming more common,  I find the  
attribute disclosure issue more concerning, and one that may cause a  
privacy backlash at some point.

A better UI is needed however.

John B.

On 29-Aug-09, at 5:38 AM, openid-general-request at lists.openid.net wrote:

> Date: Fri, 28 Aug 2009 15:44:13 -0700
> From: Allen Tom <atom at yahoo-inc.com>
> Subject: Re: [OpenID] Windows Live ID OpenID CTP Status Update (August
> 	2009)
> To: Jorgen Thelin <jthelin at microsoft.com>,
> 	"openid-general at lists.openid.net" <openid-general at lists.openid.net>
> Message-ID: <4A985DBD.9090803 at yahoo-inc.com>
> Content-Type: text/plain; charset=ISO-8859-1; format=flowed
>
> Jorgen Thelin wrote:
>> Hypothesis: <heresy> Directed identity choices don't work for  
>> *mainstream* users </heresy>
>>
> This is not heresy, this is the truth. I'd go even further and claim
> that directed identity doesn't work for most technically sophisticated
> users. Obviously, the folks on this list are an exception.
>
> The value proposition for OpenID is that users can sign into an RP  
> with
> an account that they already have. People who have multiple online
> identities or personas already know how to have multiple accounts for
> each persona, and already switch between accounts when they want to
> project a different identity.
>
> Allen
