[OpenID] Facebook support for OpenID. Where?

Peter Williams pwilliams at rapattoni.com
Wed May 20 03:31:24 UTC 2009 

The property of being unable to leverage openid until logged into an something else first goes back at least to Blogger. My own speculation was that it was making up the lack of standard trust model (which implies you impose your own), so legal terms could be imposed. Large brands cannot operate with that being clear to the corporate counsel...

I initially the same expectation as I think you do (which aligns with SAML2 websso standard): that you visit a resource, it fails to note a local session, so goes its session translator service - that pings some or other OP after discovery. If you dont have a OP session, you go through the user auth experience to get one, perhaps influenced by the RP's statement of requirements. Thereafter, session translation occurs, along with attribute transfer. (In the MSFT variant, audience permissions go along with each attribute - which the RP may need to help to translate into its local permission logic.)

But this was not blogger RP.

Going to a blogger site, to leave an authenticated comment, one first HAD to logon to a Google proprietary account, in order to be able to then evenb discover and thence ping an OP...which would help you leave an OP-authenticated comment on the blogger site (once you authenticated to it).

Nobody thought that a farce. You could have a left a comment just as easily a google member G. But, if you reallty want to leave an OP-authenticated comment, you can - but you must first be a member of the Google subscription world. Otherwise, you cannot leave authenticated comments.

Quite whose legal rules control the commenting transaction (OP or google) Ive no idea.

We have to remember that openid LOOKS like websso, but its not. Quite what it is is hard to define. Its just "openid." Since major brands are adopting it (and that is a major win for any tech initiative, in my book) its doing its (amorphous) job. Perhaps the nature of websso for massive scale REQUIRES amorphous definitions and interworking. That is. What matters ONLY is that people use it. Thats the only metric that really matters, in tech wars. It can always improve...
________________________________________
From: general-bounces at openid.net [general-bounces at openid.net] On Behalf Of Santosh Rajan [santrajan at gmail.com]
Sent: Monday, May 18, 2009 9:08 PM
To: general at openid.net
Subject: [OpenID]  Facebook support for OpenID. Where?

I am seeing tweets and blog posts about Facebook support for OpenID. I had
already suggested in an earlier post that it is going to be a farce. And
that is what it exactly is.

You see, I have always maintained that it is impossible for Web site's who
base their user identity on email addresses to support OpenID in the current
form. And let me list out the problems with the so called Facebook OpenId
support.

You can't log in into Facebook with your OpenID unless you are already
logged in to another OpenID provider. So if you fire up your browser and go
straight to Facebook, sorry!

You cannot create a Facebook account with OpenID. You need to create your
Facebook account with your email address, and then log in to your account,
and then go to settings, and then link your OpenID account.

Ok, so I decided to link my Google Account. I found that I could not link to
my Google Account without me handing over all my Google contacts! In other
words Google log in was useless for me.

When I tried to log in with Yahoo and I got the famous Yahoo message
"Warning: This website has not confirmed its identity with Yahoo! and might
be fraudulent. Do not share any personal information with this website
unless you are certain it is legitimate."

And what I find most embarrassing is the so called "Openid evangelists"
going "gaga" over this release. Maybe it is "Facebook" so they better say
good things, no matter whatever they do.

-----

Santosh Rajan
http://santrajan.blogspot.com http://santrajan.blogspot.com
--
View this message in context: http://www.nabble.com/Facebook-support-for-OpenID.-Where--tp23609450p23609450.html
Sent from the OpenID - General mailing list archive at Nabble.com.

_______________________________________________
general mailing list
general at openid.net
http://openid.net/mailman/listinfo/general

More information about the general mailing list