[OpenID] Perceptions of OpenID

Mon Jan 5 19:23:25 UTC 2009

On Sun, 4 Jan 2009 13:15:43 -1000
"Chris Messina" <chris.messina at gmail.com> wrote:
> I've just blogged about perceptions I've seen recently of OpenID in
> the wild.
> http://tr.im/fj_perception

Some good notes. I just went poking around to see if some of my
conceptions about OpenID were true, and found that they appear to not
be. However, let me lay them out, and lay out why I had them, and why,
despite being an early adopter of LID and wanting to wholeheartedly
embrace OpenID, I, except for staying on the mailing lists and skimming
things occasionally, no longer care about OpenID.

When I followed Johannes over this direction and abandoned playing with
LID for OpenID, I wanted one thing: To be able to post comments on
discussion forums without remembering a gazillion passwords. Something
to print on business cards that'd let people update their Rolodex like
devices automagically was a "yeah, that'd be neat too" concern.

Somehow I got from there to now without ever being aware of the OpenID
Simple Registration Extension 1.0. I saw all sorts of discussions
about how I could log in to an OpenID site without revealing my actual
identifying URL, a bunch of discussions about using things other than
HTTP URLs that I don't understand, acres and acres of "should we
require HTTPS?" and similar, and missed that at some point there was a
way to actually fill in my nickname and email on those weblog posts
automatically.

Anyone got an idea of how many providers implement openid.sreg? How
many consumers? And why it wasn't clear that I could pass a user name
and a password from the "/what/" page, I had to click through to a
developer spec? How about some "this is what OpenID lets you do" from
that "/what/" page, not "manage an identity" PHB speak but actual
concrete stuff?

And, while I, as a guy who wants to use OpenID, am asking a few
questions, how come the last time I wanted to test my OpenID login
(Evan's extensions to MediaWiki running on my own server) the first page
of Google results for test apps seemed to be all 404 or 503?

I like the concept of OpenID, but every time I, as a developer of a
middlin' little 'blog, or as a user who'd like an OpenID that I control,
go back to look at it, I say "screw it, that's gotten way too complex",
and consider setting up the Facebook API or something.

And continue with the old password situation.

And, no, I didn't join the OpenID foundation and vote in the recent
elections because I'd ceased to care what happened with OpenID and
figured I'd pick it up again when it became relevant. Is that gonna
happen for me, the guy who just wants to comment on blogs?

Dan