[OpenID] Facebook support for OpenID. Where?

Wed May 20 03:25:43 UTC 2009

Ok, I could buy all of your arguments except the email address one.  I know
this is your soapbox, and I'm not interested in discussing it any more.  But
having an email address for an OpenID is not at all required for a
reasonable login experience at Facebook.  There are many many OpenID RPs
that are good examples of how an OpenID *today*, with an *optional* or *
required* email address *works already*.  Using an email address for an
OpenID does *nothing magical*.  Can you get off this soapbox already?

--
Andrew Arnott
"I [may] not agree with what you have to say, but I'll defend to the death
your right to say it." - S. G. Tallentyre

On Tue, May 19, 2009 at 7:30 PM, Santosh Rajan <santrajan at gmail.com> wrote:

> Andrew,This is not only a farce, unfortunately it is also extremely bad
> news for OpenID.
> 1) Requiring one ID (Facebook ID) to use another ID (OpenID) is ridiculous
> to say the least. It is going to give a wrong impression about OpenID to all
> the Facebook users.
> 2) It will also give an impression that OpenID is something for accessing
> users data from another provider. Really this is the work of OAuth.
> 3) It gives the impression that OpenID is something like "twitter ID" which
> it is not. Again this is OAuth domain.
> 4) What impression do you think this is going to give potential RP's? Are
> you going to show Facebook as a great example of OpenID implementation?
>
> I am not buying the argument that this is only a trial phase etc. If they
> really wanted to try OpenID they should have tried a beta for limited users.
> That is what most RP's do. If anything this will thoroughly confuse
> everybody about what OpenID is. This is going to cause more damage to OpenID
> than anything constructive.
>
> I beleive OpenID MUST be on the users "log in" page and not buried
> somewhere in his "settings" page. I have already said many many times that
> RP's like these cannot implement OpenID correctly without an email address.
> But at the same time I dont want RP's to go ahead and implement something
> half baked and give the wrong impression to everybody. And Facebook
> implementation is going to remain more or less like this until the day
> emails are accepted as OpenID's.
>
> On Wed, May 20, 2009 at 7:04 AM, Andrew Arnott <andrewarnott at gmail.com>wrote:
>
>> Santosh,
>>
>> This isn't a farce at all, IMO.  Facebook is a very big web site and
>> they're rolling out OpenID RP support slowly.  Right now their UI has
>> experienced almost 0 change and yet they're able to start collecting data
>> without intruding on the users who don't know what OpenID is.  As they
>> collect usage data and test interoperability with various OPs, they gain
>> confidence that they can add some UI to the login and account creation pages
>> so that eventually a password will no longer be required to create an
>> account.
>>
>> I think it's a perfectly reasonable first step.
>>
>> I don't like that Facebook requires access to my Contacts to hook up with
>> Google.  But if you don't like that, type in your own OpenID that is from an
>> OP that doesn't have contacts and FB can't force you to give up your
>> Contacts.  That's one of the pillars of OpenID: choose your OP.  And yes,
>> FB's auto-login feature works with any OP (not just Google, notwithstanding
>> the blog posts implying otherwise), as long as that OP supports
>> checkid_immediate, which most do.
>>
>> As far as Facebook being email address centric, I don't think that has
>> been a blocker with Facebook becoming an RP at all.  And I'm looking forward
>> to a future Facebook where email address is optional, and it comes
>> automatically with OpenID if I say it should while logging in.
>>
>> --
>> Andrew Arnott
>> "I [may] not agree with what you have to say, but I'll defend to the death
>> your right to say it." - S. G. Tallentyre
>>
>>
>> On Mon, May 18, 2009 at 9:08 PM, Santosh Rajan <santrajan at gmail.com>wrote:
>>
>>>
>>> I am seeing tweets and blog posts about Facebook support for OpenID. I
>>> had
>>> already suggested in an earlier post that it is going to be a farce. And
>>> that is what it exactly is.
>>>
>>> You see, I have always maintained that it is impossible for Web site's
>>> who
>>> base their user identity on email addresses to support OpenID in the
>>> current
>>> form. And let me list out the problems with the so called Facebook OpenId
>>> support.
>>>
>>> You can't log in into Facebook with your OpenID unless you are already
>>> logged in to another OpenID provider. So if you fire up your browser and
>>> go
>>> straight to Facebook, sorry!
>>>
>>> You cannot create a Facebook account with OpenID. You need to create your
>>> Facebook account with your email address, and then log in to your
>>> account,
>>> and then go to settings, and then link your OpenID account.
>>>
>>> Ok, so I decided to link my Google Account. I found that I could not link
>>> to
>>> my Google Account without me handing over all my Google contacts! In
>>> other
>>> words Google log in was useless for me.
>>>
>>> When I tried to log in with Yahoo and I got the famous Yahoo message
>>> "Warning: This website has not confirmed its identity with Yahoo! and
>>> might
>>> be fraudulent. Do not share any personal information with this website
>>> unless you are certain it is legitimate."
>>>
>>> And what I find most embarrassing is the so called "Openid evangelists"
>>> going "gaga" over this release. Maybe it is "Facebook" so they better say
>>> good things, no matter whatever they do.
>>>
>>> -----
>>>
>>> Santosh Rajan
>>> http://santrajan.blogspot.com http://santrajan.blogspot.com
>>> --
>>> View this message in context:
>>> http://www.nabble.com/Facebook-support-for-OpenID.-Where--tp23609450p23609450.html
>>> Sent from the OpenID - General mailing list archive at Nabble.com.
>>>
>>> _______________________________________________
>>> general mailing list
>>> general at openid.net
>>> http://openid.net/mailman/listinfo/general
>>>
>>
>>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-general/attachments/20090519/88ee1e69/attachment.htm>