[OpenID] One-Click OpenID: A Solution to the NASCAR Problem
Francisco Corella
fcorella at pomcor.com
Fri Feb 17 21:46:08 UTC 2012
Hi Allen,
> Thanks for sharing!
>
> One of the appealing aspects of your proposal is that it enables users
> to login with an account from any OpenID Provider, as opposed to being
> limited to a small set of NASCAR buttons. However, websites generally
> limit the choices available to users in order to persuade the user to
> login using a high value account with data and services (name,
> verified email address, social sharing, profile, Likes, etc).
>
> In practice, not many websites want to users to login with 3rd party
> accounts unless they're guaranteed to get some data/services - it
> seems that most sites would rather have the user register a new local
> account with a password if the user doesn't want to use one of the
> NASCAR buttons. Account Chooser and Mozilla's BrowserID are both
> relatively email-address centric because verified email address seems
> to be the bare minimum that sites need to to get in order to justify
> accepting a 3rd party login relative to just registering a local
> account.
>
> Does your proposal have a way for an RP to specify the requirements
> for accounts that are acceptable for users to login with? For
> instance, an RP may only accept OpenIDs from OPs that share the user's
> verified email address.
Yes, the RP can use the SREG extension of OpenID, which does exactly
that. See:
http://openid.net/specs/openid-simple-registration-extension-1_0.html
Francisco
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-general/attachments/20120217/64859a58/attachment.html>
More information about the general
mailing list