[OpenID] Windows Live ID OpenID CTP Status Update (August 2009)
Peter Williams
pwilliams at rapattoni.com
Sat Aug 29 18:20:35 UTC 2009
It's a bridge too far, John. Take the big win, and move on to bigger concepts later. Don't oversell it, at this point.
"WebSSO with auto-pop of signup forms. "
That's what folks want - and see in openid. Nothing else is required - to join SSL on the web security pantheon.
Just deliver the original openid1 concept, with that luxurious openid2 technology.
From: openid-general-bounces at lists.openid.net [mailto:openid-general-bounces at lists.openid.net] On Behalf Of John Bradley
Sent: Saturday, August 29, 2009 5:46 AM
To: openid-general at lists.openid.net
Subject: [OpenID] Windows Live ID OpenID CTP Status Update (August 2009)
The term "Directed Identity" is slightly vague.
The openID 2.0 spec added support for "Identifier Select".
It allows:
a) The User to identify who they are at there OP rather than the RP.
b) The User to select alternate persona at the OP to use at different RP.
I think most people agree that login buttons have caught on.
Though ironically if the number of OP increase we have just reinvented the SAML "Where Am I From" problem, that openID identifiers were intended to solve in the first place.
The second use hasn't seen a sufficiently good UI developed that users can take advantage of it.
We are also lacking a good UI for users to control there attributes.
This is also causing OP to streamline there interfaces to remove the ability to deselect returning attributes the RP has asked for.
The trend is towards the Google approach of using a "Pairwise" openID identifier and giving the user a yes/no choice for logging in with the attributes the RP has requested as required.
It isn't especially surprising that as a community we designed more features and flexibility than the public at large is initially interested in.
Personally with Pairwise identifiers becoming more common, I find the attribute disclosure issue more concerning, and one that may cause a privacy backlash at some point.
A better UI is needed however.
John B.
On 29-Aug-09, at 5:38 AM, openid-general-request at lists.openid.net<mailto:openid-general-request at lists.openid.net> wrote:
Date: Fri, 28 Aug 2009 15:44:13 -0700
From: Allen Tom <atom at yahoo-inc.com<mailto:atom at yahoo-inc.com>>
Subject: Re: [OpenID] Windows Live ID OpenID CTP Status Update (August
2009)
To: Jorgen Thelin <jthelin at microsoft.com<mailto:jthelin at microsoft.com>>,
"openid-general at lists.openid.net<mailto:openid-general at lists.openid.net>" <openid-general at lists.openid.net<mailto:openid-general at lists.openid.net>>
Message-ID: <4A985DBD.9090803 at yahoo-inc.com<mailto:4A985DBD.9090803 at yahoo-inc.com>>
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Jorgen Thelin wrote:
Hypothesis: <heresy> Directed identity choices don't work for *mainstream* users </heresy>
This is not heresy, this is the truth. I'd go even further and claim
that directed identity doesn't work for most technically sophisticated
users. Obviously, the folks on this list are an exception.
The value proposition for OpenID is that users can sign into an RP with
an account that they already have. People who have multiple online
identities or personas already know how to have multiple accounts for
each persona, and already switch between accounts when they want to
project a different identity.
Allen
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-general/attachments/20090829/800c0c5a/attachment.htm>
More information about the general
mailing list