<html xmlns:v="urn:schemas-microsoft-com:vml" xmlns:o="urn:schemas-microsoft-com:office:office" xmlns:w="urn:schemas-microsoft-com:office:word" xmlns="http://www.w3.org/TR/REC-html40">
<head>
<meta http-equiv=Content-Type content="text/html; charset=iso-8859-1">
<meta name=Generator content="Microsoft Word 11 (filtered medium)">
<style>
<!--
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
{margin:0cm;
margin-bottom:.0001pt;
font-size:12.0pt;
font-family:"Times New Roman";}
a:link, span.MsoHyperlink
{color:blue;
text-decoration:underline;}
a:visited, span.MsoHyperlinkFollowed
{color:purple;
text-decoration:underline;}
span.EmailStyle17
{mso-style-type:personal-compose;
font-family:Arial;
color:windowtext;}
@page Section1
{size:612.0pt 792.0pt;
margin:72.0pt 90.0pt 72.0pt 90.0pt;}
div.Section1
{page:Section1;}
-->
</style>
<!--[if gte mso 9]><xml>
<o:shapedefaults v:ext="edit" spidmax="1026" />
</xml><![endif]--><!--[if gte mso 9]><xml>
<o:shapelayout v:ext="edit">
<o:idmap v:ext="edit" data="1" />
</o:shapelayout></xml><![endif]-->
</head>
<body lang=EN-US link=blue vlink=purple>
<div class=Section1>
<p class=MsoNormal><font size=2 face=Arial><span style='font-size:10.0pt;
font-family:Arial'>I just saw this article - <a
href="http://www.news.com/8301-10784_3-9936794-7.html?tag=nefd.only">http://www.news.com/8301-10784_3-9936794-7.html?tag=nefd.only</a>
- referenced from Slashdot. In it, the executive editor of Washington Post’s
online version, argues that “Washingtonpost.com wants identities of
readers who post comments”. Maybe this could be a bussiness case for
OpenID and a lobbyism job for the foundation?<o:p></o:p></span></font></p>
<p class=MsoNormal><font size=2 face=Arial><span style='font-size:10.0pt;
font-family:Arial'><o:p> </o:p></span></font></p>
<p class=MsoNormal><font size=2 face=Arial><span style='font-size:10.0pt;
font-family:Arial'>If Washington Post required people to use OpenID to sign
their comments then we would have solved the problem partly – at least it
won’t be possible to pretend to be someone else. But it is still not
possible to ban a certain person from the site – you can ban his OpenID
but nothing prohibits him from creating a new OpenID and use that instead.<o:p></o:p></span></font></p>
<p class=MsoNormal><font size=2 face=Arial><span style='font-size:10.0pt;
font-family:Arial'><o:p> </o:p></span></font></p>
<p class=MsoNormal><font size=2 face=Arial><span style='font-size:10.0pt;
font-family:Arial'>So some kind of trust/collaboration between Washington Post
and the OpenID providers is necessary. Now, assume VISA or American Express
decided to issue OpenIDs to their users (maybe through local banks). Then
Washington Post could decide to trust all OpenIDs of the form <identifier>.visa.com
and in this way make it difficult to obtain a new OpenID when the first one is banned
(it would require you to get a new visa card). Maybe Attribute Exchange would
fit the case even better.<o:p></o:p></span></font></p>
<p class=MsoNormal><font size=2 face=Arial><span style='font-size:10.0pt;
font-family:Arial'><o:p> </o:p></span></font></p>
<p class=MsoNormal><font size=2 face=Arial><span style='font-size:10.0pt;
font-family:Arial'>There are probably flaws in the above – but it might
still be an interesting place to prove OpenID’s worth?<o:p></o:p></span></font></p>
<p class=MsoNormal><font size=2 face=Arial><span style='font-size:10.0pt;
font-family:Arial'><o:p> </o:p></span></font></p>
<p class=MsoNormal><font size=2 face=Arial><span style='font-size:10.0pt;
font-family:Arial'>/Jørn Wildt<o:p></o:p></span></font></p>
</div>
</body>
</html>