[OpenID] Is OpenID truly user-centric and OP-independent? (WAS: Bug in OpenID RP implementations)
Andrew Arnott
andrewarnott at gmail.com
Wed Jan 14 14:06:16 UTC 2009
Yes, I wish everyone could follow that model at Plaxo.
But Plaxo would do well to adopt OAuth. I noticed as soon as I created an
account just now that they wanted to take my email
password<http://blog.nerdbank.net/2008/10/why-oauth-can-be-ignored.html>.
--
Andrew Arnott
"I [may] not agree with what you have to say, but I'll defend to the death
your right to say it." - Voltaire
On Wed, Jan 14, 2009 at 5:51 AM, Peter Williams <pwilliams at rapattoni.com>wrote:
> Add a plural s to the word identity.
>
>
>
> IN policy language, the goal is surely not attaining "independence" from
> the communications infrastructure; but achieving "autonomy".
>
>
>
> This is nicely seen in the plaxo model for building RPs, where you can bind
> n openids to the plaxo account. As a user, you can invoke any one of these
> identification paths. If flicker suspends your account (which they are want
> to do), there is no downside to you at Plaxo. Survivability is built in,
> with automatic, dynamic re-routing around the congestion point.
>
>
>
>
>
> *From:* general-bounces at openid.net [mailto:general-bounces at openid.net] *On
> Behalf Of *Andrew Arnott
> *Sent:* Wednesday, January 14, 2009 5:35 AM
> *To:* Martin Atkins
>
> **
>
> In fact, I've become convinced that there is no way to allow a user to
> maintain his own OpenID identity independent of any OP or ISP given the
> profile of a common Internet user today.
>
>
>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-general/attachments/20090114/6df7bcec/attachment-0002.htm>
More information about the general
mailing list