[OpenID] Fwd: [OpenID Foundation] New Poll Opened

Peter Williams pwilliams at rapattoni.com
Thu Mar 19 18:56:29 UTC 2009 

And why does the board and "founders" seek to exercise SO much control?

From: general-bounces at openid.net [mailto:general-bounces at openid.net] On Behalf Of Allen Tom
Sent: Thursday, March 19, 2009 11:40 AM
To: Brett McDowell
Cc: board at openid.net; general at openid.net List
Subject: Re: [OpenID] Fwd: [OpenID Foundation] New Poll Opened

Hi Brett,

The original proposal was to name the WG the "Popup WG" but after the scope was expanded to include language preference, we renamed it the OpenID UI WG. Although the scope of  UI Extension 1.0 is strictly limited to the Popup UI and the Language Preference, we hope that the 1.0 extension defines an mechanism that can be reused for future UI enhancements.

I do think that there is way too much overhead in forming an OpenID WG. The UI WG will be the fastest WG ever created, taking approximately 6 weeks to create, which I feel is 5 weeks too long.

With regards to having the user enter their credentials in a popup window, there are many OPs and RPs that would like to use this feature immediately, and are waiting for a standard interface to be defined. Phishing still is a major concern, however, we do not think that the popup window significantly changes the phishing scenarios compared to the existing full browser window UIs today. We do think that the Popup UI will significantly increase the usability of OpenID, would could increase the demand for anti-phishing solutions, as OpenID becomes more widely used.

Allen

Brett McDowell wrote:

This proposal is specifically scoped to a pop-up window paradigm.  Therefore it concerns me that the specification is going to be branded "OpenID User Interface Extension 1.0" and the Working Group will be branded *the* "OpenID User Interface Working Group".  Certainly there must be other approaches to improving OpenID UI.  Hasn't the eCommerce industry been teaching users to never put their credentials into a pop-up window for fear of phishing?

I would like to vote in favor of this Working Group but I cannot support it as written.  I humbly suggest the following changes:

Name to: "OpenID Pop-Up User Interface Working Group"
Specification to: "OpenID Pop-Up User Interface Extension 1.0"

Those two minor changes would signify an awareness that there may be other approaches to improving the OpenID UI, and it might even encourage some alternative proposals to come forward which will only strengthen OpenID UI down-the-road.

P.S.
If I'm out-of-compliance with OIDF process please let me know and point me to the process document I should reference in the future.

Thank you,

Brett McDowell | +1.413.652.1248 | http://info.brettmcdowell.com

Begin forwarded message:


From: membership at oidf.org<mailto:membership at oidf.org>
Date: March 19, 2009 9:40:23 AM EDT
To: brett at ICTprojects.com<mailto:brett at ICTprojects.com>
Subject: [OpenID Foundation] New Poll Opened

Hello Brett McDowell,

Voting has opened on the following poll -- please register your vote before 2009-03-26.

Link: https://openid.net/foundation/members/polls/15

Title:  Approve the Creation of the OpenID User Interface Working Group

Description: The Specifications Council recommends that the Foundation members approve the creation of the OpenID User Interface Working Group, as proposed below.

    Name

OpenID User Interface Working Group


    Background Information

OpenID traditionally requires the Relying Party to redirect the entire
browser window to the OpenID Provider for the user to authenticate
before redirecting the browser back to the Relying Party. It is believed
that the User Experience (UX) could be significantly improved if the
authentication flow occurred within a smaller popup window, making the
experience less disruptive to the user.

Although it is possible for Relying Parties to open a popup window for
the user to authenticate at the OpenID Provider using the Provider's
default user interface, the overall user experience can be optimized if
the OP was aware that its UI was running within a popup. For instance,
an OP may want to resize the popup browser window when using the popup
interface, but would probably not want to resize the full browser window
when using the default redirect interface. Another optimization is that
the OP can close the popup, rather than return a negative assertion if
the user chooses to cancel the authentication request.

Users who begin the OpenID sign in process on a Relying Party in one
language and then transition to their OpenID Provider's site in a
different language may find the overall experience to be very
disruptive. In many cases, the Relying Party may want to pass a language
hint to the OpenID Provider to use to display the User Interface to the
user, especially if the user is not already authenticated at the OP.




    Statement of Purpose

This workgroup intends to produce a very brief OpenID extension to
enable the OpenID Authentication User Interface to be invoked in a
standalone popup window, and to allow the Relying Party to request that
the user interface be displayed in a particular language.




    Scope

Produce an extension that allows an OpenID Provider to indicate its
support of a popup friendly user interface, as opposed to the default
user interface optimized for a full browser window. The popup must be in
an independent browser window, and must not be framed by the RP.



The extension will also define a mechanim for RPs to pass a language
hint to the OP to help determine the langange used to display the OpenID
Authentication user interface.


    Out of Scope

The content of the user interface other than the language that the
interface is displayed in is out of scope.




    Specifications

OpenID User Interface Extension 1.0


    Anticipated audience

All those interested in improving OpenID Usability.


    Language of business

English.


    Method of work

Mailing list discussion. Posting of intermediate drafts in the OpenID
Wiki. Virtual conferencing on an ad-hoc basis.


    Basis for completion of the activity

The OpenID User Interface Extension 1.0 final draft is completed.


    Proposers

  * Allen Tom, atom at yahoo-inc.com, Yahoo!
  * Brian Ellin, brian at janrain.com, Janrain
  * David Recordon, david at sixapart.com, Six Apart
  * Chris Messina, chris at citizenagency.com, Vidoop/DiSo Project
  * Breno de Medeiros, breno at google.com, Google
  * Luke Shepard, lshepard at facebook.com, Facebook


    Initial Editors

  * Allen Tom, atom at yahoo-inc.com, Yahoo!
  * Breno de Medeiros, breno at google.com, Google

Available Choices:

* Approve New Working Group
* Reject New Working Group
* Abstain

Thank you for your participation!

---
The OpenID Foundation
http://openid.net/foundation/







________________________________






_______________________________________________

general mailing list

general at openid.net<mailto:general at openid.net>

http://openid.net/mailman/listinfo/general



-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-general/attachments/20090319/1b5d9706/attachment-0002.htm>

More information about the general mailing list