On Thu, Oct 30, 2008 at 4:30 PM, Martin Atkins <span dir="ltr"><<a href="mailto:mart@degeneration.co.uk">mart@degeneration.co.uk</a>></span> wrote:<br><div class="gmail_quote"><blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">
<div class="Ih2E3d">David Fuelling wrote:<br>
<blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">
<br>
That sounds more like an argument for you to use<br>
<a href="http://sappenin.com/" target="_blank">http://sappenin.com/</a> as your identifier instead of an email address.<br>
<br>
If you want to use a HTTP URL for your identifier, just enter that<br>
URL into the RP directly!<br>
<br>
<br>
For me, an internet-savvy, genius technology person (tongue-in-cheek), you're right. I know what it means to use the URL, and I do. However, my grandmother, who's a little bit less tech-savvy (she still calls the Internet "email"), she has no idea that she should be using a URL, let alone what the distinction is. We need to be thinking about these people, and about their future freedoms. Like it or not, people are going to be using email addresses as their primary identifier -- as the designers of this stuff, we need to plan ahead and add flexibility for them ahead of time.<br>
<br>
</blockquote>
<br></div>
Okay, but I'm not clear how you imagine your grandmother using this. Who sets up the URL mapping for her? Where does it map to? I assume from your description that your grandmother doesn't own her own domain, so all you're doing is pushing the problem a level deeper. How does she wrest control from the provider of the domain her URL is under?<br>
<br>
<br>
</blockquote></div><br>So my grandma has a <a href="http://yahoo.com">yahoo.com</a> email address (she doesn't really, but for the sake of illustration). She types '<a href="mailto:grandma@yahoo.com">grandma@yahoo.com</a>' into an RP, and in 2008, she'll use Yahoo.com as her OP. But in 2009 (hypothetically), Yahoo introduces the ability to "link" your email address to any OpenID of your choosing. They setup a control panel to facilitate this, etc. My grandma, being not that sophisticated, will likely continue using Yahoo. But me -- I'll be able to now link my <a href="http://yahoo.com">yahoo.com</a> email address to my <a href="http://sappenin.com">sappenin.com</a> OpenID. In 2012 (assume my grandma is kind of young), I go over to her house and say, "Grandma, did you know that if you start using Google.com as your Identity Provider, they'll pay you $1 every time you login to a site, because they're Google and they can do that sort of thing?". My grandma will say something like, "Wow, I use the computer a lot, and that will subsidize my social security -- Thanks Google!". And oh, by the way, since it's 2012, Google has an automated system to do all of this for my Grandma, so she doesn't even need my help to let Google subsidize her social security. She simply switches over her OpenID email mapping/Delegation information.....but retains her email yahoo email address as her "login mechanism".<br>
<br>The example is highly contrived (except for the Google Social Security Initiative that I accidentally announced [Sorry Google, didn't mean to pre-announce that!]), but the principles are valid.<br><br>The key point is not really "how" or "who", but merely the fact that it's possible.<br>