[OpenID] older openid, versus google/yahoo etc. A Users actual experiencel

[Peter Williams]

I had cause today to comment - on the topic of how governements can easily coerce CAs to mint intermediate CAs controlled by said governments (or their contractors or supporters) that can easily spoof https endpoints by issuing suitable certs used by SSL MITM  endpoints). The commenting site was google powered, and wordpress powered, and openid powered, etc. It looked great. Create a commenting profile (by indicating an identity ... at google, wordpress, etc) and comment away. THe experience was not prime-time ready. It looked pretty though. - i entered my wordpress account name, but lost the comment as a result. Wordpress wont do SSO on demand. Rather I had to go logon to wordpress at its site, and redo everything. Poor. - I then used the google alternate button, and got a blogger login page, with the google login. I authenticated (using google credentials), but blogger has some condition that Im not authorized - to then assert. Lost the comment. Typed it again, more curtly.  Then I did the same thing with the openid button, It happens to be hosted at an wordpress IDP site, based on the site tag name (vs account name of admin of said site). Failed...of course, and lost comment, etc .Comment getting short at this point. So short, I gave up commenting on the topic, so crap was the end-user experience of multi-vendor "webby" SSO, done openid1 style.       		 	   		  
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-general/attachments/20110824/1225adb1/attachment.html>