[OpenID] Facebook support for OpenID. Where?

Santosh Rajan santrajan at gmail.com
Wed May 20 04:48:50 UTC 2009 

Why should I get off the email soapbox? Please remember I am the only one
promoting the email case here. That is why it looks like a "soapbox" to you.
If there were others promoting emails here I wouldn't have to be on the
soapbox at all. The people who support emails dont seem to want to express
their views here. You may not agree with my views, or I may not succeed to
convince you, but I thing it is unfair for you to suggest that I should not
express my views here.
 

Andrew Arnott wrote:
> 
> Ok, I could buy all of your arguments except the email address one.  I
> know
> this is your soapbox, and I'm not interested in discussing it any more. 
> But
> having an email address for an OpenID is not at all required for a
> reasonable login experience at Facebook.  There are many many OpenID RPs
> that are good examples of how an OpenID *today*, with an *optional* or *
> required* email address *works already*.  Using an email address for an
> OpenID does *nothing magical*.  Can you get off this soapbox already?
> 
> --
> Andrew Arnott
> "I [may] not agree with what you have to say, but I'll defend to the death
> your right to say it." - S. G. Tallentyre
> 
> 
> On Tue, May 19, 2009 at 7:30 PM, Santosh Rajan <santrajan at gmail.com>
> wrote:
> 
>> Andrew,This is not only a farce, unfortunately it is also extremely bad
>> news for OpenID.
>> 1) Requiring one ID (Facebook ID) to use another ID (OpenID) is
>> ridiculous
>> to say the least. It is going to give a wrong impression about OpenID to
>> all
>> the Facebook users.
>> 2) It will also give an impression that OpenID is something for accessing
>> users data from another provider. Really this is the work of OAuth.
>> 3) It gives the impression that OpenID is something like "twitter ID"
>> which
>> it is not. Again this is OAuth domain.
>> 4) What impression do you think this is going to give potential RP's? Are
>> you going to show Facebook as a great example of OpenID implementation?
>>
>> I am not buying the argument that this is only a trial phase etc. If they
>> really wanted to try OpenID they should have tried a beta for limited
>> users.
>> That is what most RP's do. If anything this will thoroughly confuse
>> everybody about what OpenID is. This is going to cause more damage to
>> OpenID
>> than anything constructive.
>>
>> I beleive OpenID MUST be on the users "log in" page and not buried
>> somewhere in his "settings" page. I have already said many many times
>> that
>> RP's like these cannot implement OpenID correctly without an email
>> address.
>> But at the same time I dont want RP's to go ahead and implement something
>> half baked and give the wrong impression to everybody. And Facebook
>> implementation is going to remain more or less like this until the day
>> emails are accepted as OpenID's.
>>
>> On Wed, May 20, 2009 at 7:04 AM, Andrew Arnott
>> <andrewarnott at gmail.com>wrote:
>>
>>> Santosh,
>>>
>>> This isn't a farce at all, IMO.  Facebook is a very big web site and
>>> they're rolling out OpenID RP support slowly.  Right now their UI has
>>> experienced almost 0 change and yet they're able to start collecting
>>> data
>>> without intruding on the users who don't know what OpenID is.  As they
>>> collect usage data and test interoperability with various OPs, they gain
>>> confidence that they can add some UI to the login and account creation
>>> pages
>>> so that eventually a password will no longer be required to create an
>>> account.
>>>
>>> I think it's a perfectly reasonable first step.
>>>
>>> I don't like that Facebook requires access to my Contacts to hook up
>>> with
>>> Google.  But if you don't like that, type in your own OpenID that is
>>> from an
>>> OP that doesn't have contacts and FB can't force you to give up your
>>> Contacts.  That's one of the pillars of OpenID: choose your OP.  And
>>> yes,
>>> FB's auto-login feature works with any OP (not just Google,
>>> notwithstanding
>>> the blog posts implying otherwise), as long as that OP supports
>>> checkid_immediate, which most do.
>>>
>>> As far as Facebook being email address centric, I don't think that has
>>> been a blocker with Facebook becoming an RP at all.  And I'm looking
>>> forward
>>> to a future Facebook where email address is optional, and it comes
>>> automatically with OpenID if I say it should while logging in.
>>>
>>> --
>>> Andrew Arnott
>>> "I [may] not agree with what you have to say, but I'll defend to the
>>> death
>>> your right to say it." - S. G. Tallentyre
>>>
>>>
>>> On Mon, May 18, 2009 at 9:08 PM, Santosh Rajan
>>> <santrajan at gmail.com>wrote:
>>>
>>>>
>>>> I am seeing tweets and blog posts about Facebook support for OpenID. I
>>>> had
>>>> already suggested in an earlier post that it is going to be a farce.
>>>> And
>>>> that is what it exactly is.
>>>>
>>>> You see, I have always maintained that it is impossible for Web site's
>>>> who
>>>> base their user identity on email addresses to support OpenID in the
>>>> current
>>>> form. And let me list out the problems with the so called Facebook
>>>> OpenId
>>>> support.
>>>>
>>>> You can't log in into Facebook with your OpenID unless you are already
>>>> logged in to another OpenID provider. So if you fire up your browser
>>>> and
>>>> go
>>>> straight to Facebook, sorry!
>>>>
>>>> You cannot create a Facebook account with OpenID. You need to create
>>>> your
>>>> Facebook account with your email address, and then log in to your
>>>> account,
>>>> and then go to settings, and then link your OpenID account.
>>>>
>>>> Ok, so I decided to link my Google Account. I found that I could not
>>>> link
>>>> to
>>>> my Google Account without me handing over all my Google contacts! In
>>>> other
>>>> words Google log in was useless for me.
>>>>
>>>> When I tried to log in with Yahoo and I got the famous Yahoo message
>>>> "Warning: This website has not confirmed its identity with Yahoo! and
>>>> might
>>>> be fraudulent. Do not share any personal information with this website
>>>> unless you are certain it is legitimate."
>>>>
>>>> And what I find most embarrassing is the so called "Openid evangelists"
>>>> going "gaga" over this release. Maybe it is "Facebook" so they better
>>>> say
>>>> good things, no matter whatever they do.
>>>>
>>>> -----
>>>>
>>>> Santosh Rajan
>>>> http://santrajan.blogspot.com http://santrajan.blogspot.com
>>>> --
>>>> View this message in context:
>>>> http://www.nabble.com/Facebook-support-for-OpenID.-Where--tp23609450p23609450.html
>>>> Sent from the OpenID - General mailing list archive at Nabble.com.
>>>>
>>>> _______________________________________________
>>>> general mailing list
>>>> general at openid.net
>>>> http://openid.net/mailman/listinfo/general
>>>>
>>>
>>>
>>
> 
> _______________________________________________
> general mailing list
> general at openid.net
> http://openid.net/mailman/listinfo/general
> 
> 


-----

Santosh Rajan
http://santrajan.blogspot.com http://santrajan.blogspot.com 
-- 
View this message in context: http://www.nabble.com/Facebook-support-for-OpenID.-Where--tp23609450p23628947.html
Sent from the OpenID - General mailing list archive at Nabble.com.

More information about the general mailing list