Thanks, Mike.<div><br></div><div>That brings up an interesting next topic: assuming this login UX is generally favored by the community, the next step after stabilization would be to package it up in an archive of .css, .js, and .html files that any site can use with any OpenID library. I don't have the time nor the expertise in non-.NET platforms or other OpenID libraries to integrate the resulting archive into these libraries and/or their sample RP sites. </div>
<div><br></div><div>Are there any OpenID experts out there that are willing to contribute to their favorite OpenID library so that this UX can be leveraged on their platform/site/language?</div><div><br clear="all">--<br>
Andrew Arnott<br>"I [may] not agree with what you have to say, but I'll defend to the death your right to say it." - S. G. Tallentyre<br>
<br><br><div class="gmail_quote">On Mon, Oct 26, 2009 at 7:49 PM, Mike Kirkwood <span dir="ltr"><<a href="mailto:mike@polka.com">mike@polka.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex;">
Just a small note.<br>
<br>
Great effort and real-time improvements. Feel much more comfortable<br>
using these types of libraries when there is such great support and<br>
follow through.<br>
<font color="#888888"><br>
--Mike<br>
</font><div><div></div><div class="h5"><br>
On Mon, Oct 26, 2009 at 7:46 PM, Andrew Arnott <<a href="mailto:andrewarnott@gmail.com">andrewarnott@gmail.com</a>> wrote:<br>
> It turns out that nasty redirect behavior that pulled you back to Verisign<br>
> was due to a bug in Verisign's handling of checkid_immediate, which they are<br>
> now aware of and investigating.<br>
> So aside from that redirect issue, which only comes up if you click on<br>
> Verisign at least once, it seems, all fixes this forum has suggested have<br>
> been published. So please feel free, everyone, to revisit<br>
> <a href="http://openidux.dotnetopenauth.net/" target="_blank">http://openidux.dotnetopenauth.net/</a> and give fresh feedback (or remind me of<br>
> something I may have missed in this discussion).<br>
> --<br>
> Andrew Arnott<br>
> "I [may] not agree with what you have to say, but I'll defend to the death<br>
> your right to say it." - S. G. Tallentyre<br>
><br>
><br>
> On Fri, Oct 23, 2009 at 2:20 PM, Rabbit <<a href="mailto:rabbit@cyberpunkrock.com">rabbit@cyberpunkrock.com</a>> wrote:<br>
>><br>
>> Good improvements, Andrew.<br>
>> Popups look great, plugin prompt did not appear.<br>
>> As for the redirect issue, I don't know if this helps but looking at the<br>
>> headers it checks each of these in sequence:<br>
>> - Google?<br>
>> - MyOpenID?<br>
>> - Yahoo?<br>
>> - Verisign?<br>
>> At which point it redirects me to login at PIP.<br>
>> Perhaps your prototype thinks I am signed into Versign.<br>
>> =Rabbit<br>
>> On Oct 23, 2009, at 2:23 PM, Andrew Arnott wrote:<br>
>><br>
>> Hey Rabbit,<br>
>> So I fixed the popup window size and the plugin prompt (please verify!).<br>
>> Also, I happened to run into the same Back->auto-redirect behavior you just<br>
>> described. It was in IE8 for me, and I have no idea why it's doing that.<br>
>> It doesn't usually (for me anyway). But anyway, that's absolutely not by<br>
>> design, and I'm going to chase that down and fix it. Thanks for letting me<br>
>> know it wasn't just a fluke on my machine. :)<br>
>> Thanks for the extra details.<br>
>> --<br>
>> Andrew Arnott<br>
>> "I [may] not agree with what you have to say, but I'll defend to the death<br>
>> your right to say it." - S. G. Tallentyre<br>
>><br>
>><br>
>> On Thu, Oct 22, 2009 at 10:15 PM, Rabbit <<a href="mailto:rabbit@cyberpunkrock.com">rabbit@cyberpunkrock.com</a>> wrote:<br>
>>><br>
>>> Inline comments.<br>
>>> Peace.<br>
>>> =Rabbit<br>
>>> On Oct 22, 2009, at 10:27 PM, Andrew Arnott wrote:<br>
>>><br>
>>> Thanks, Rabbit.<br>
>>> Responses inline.<br>
>>> --<br>
>>> Andrew Arnott<br>
>>> "I [may] not agree with what you have to say, but I'll defend to the<br>
>>> death your right to say it." - S. G. Tallentyre<br>
>>><br>
>>><br>
>>> On Thu, Oct 22, 2009 at 7:01 PM, Rabbit <<a href="mailto:rabbit@cyberpunkrock.com">rabbit@cyberpunkrock.com</a>> wrote:<br>
>>>><br>
>>>> I won't sugar coat this. If I encountered this interface in the wild I<br>
>>>> would be furious. I hope you are able to take this criticism constructively<br>
>>>> and improve the user experience.<br>
>>><br>
>>> Sure, I don't want you to sugar coat it. Although your tone throughout<br>
>>> this email suggests that you thought I thought this was all finished and<br>
>>> polished. It's a "prototype", dude.<br>
>>><br>
>>> I know it's a prototype. Apologies for my tone.<br>
>>>><br>
>>>> FireFox on OSX receives multiple plugin download requests. Obviously<br>
>>>> these are related to InfoCard but "explainable" from a technical perspective<br>
>>>> doesn't translate to "acceptable" from a user perspective. There was also no<br>
>>>> indication as to what the plugins were for and when I attempted to install<br>
>>>> them it failed. That latter criticism may be an issue with FireFox or OSX.<br>
>>><br>
>>> I totally agree. This doesn't happen on Windows, so I didn't see these<br>
>>> problems. But another mac user reported seeing the same thing. I have an<br>
>>> idea of how to fix this so please try again in a couple days and tell me if<br>
>>> the problem hasn't gone away. Yes, it's InfoCard related, but it was not my<br>
>>> intention to throw up all kinds of unpleasantness for those who don't have<br>
>>> InfoCard support. It's supposed to be a very quiet "light-up" scenario if<br>
>>> you have it, and completely and quietly missing if you don't.<br>
>>><br>
>>> Realistically, it's not a big deal. In FireFox it appears as a slide down<br>
>>> bar the same that happens when asked to remember a password. I don't know<br>
>>> enough about integrating with InfoCard, the reason I pointed it out is that<br>
>>> there may be some Mozilla-oriented headers that will point its plugin<br>
>>> searcher in the right direction.<br>
>>><br>
>>><br>
>>>><br>
>>>> Almost every popup window was irritating and appeared broken. A standard<br>
>>>> user would most likely think they were tricked into clicking an<br>
>>>> advertisement. This somewhat extends into my general criticism towards the<br>
>>>> entire popup standard being promoted (which I won't get into) but even with<br>
>>>> the popup approach there is room for improvement here. If you know the<br>
>>>> OpenID provider you are sending me to, and they do not offer a simple UI for<br>
>>>> popups, at least size the window to avoid horizontal scrollbars.<br>
>>>><br>
>>>><br>
>>>> <a href="http://s978.photobucket.com/albums/ae262/rabbyte/?action=view&current=Picture3.png" target="_blank">http://s978.photobucket.com/albums/ae262/rabbyte/?action=view&current=Picture3.png</a><br>
>>>><br>
>>>> <a href="http://s978.photobucket.com/albums/ae262/rabbyte/?action=view&current=Picture4.png" target="_blank">http://s978.photobucket.com/albums/ae262/rabbyte/?action=view&current=Picture4.png</a><br>
>>>><br>
>>>> <a href="http://s978.photobucket.com/albums/ae262/rabbyte/?action=view&current=Picture5.png" target="_blank">http://s978.photobucket.com/albums/ae262/rabbyte/?action=view&current=Picture5.png</a><br>
>>><br>
>>> Working within the popup UI is still being developed for the OPs, and<br>
>>> each of them are responsible for making it look good. Google supports it<br>
>>> fully, as I'm sure you noticed. Yahoo claims to support it but don't get<br>
>>> the window size right according to the UI extension draft spec and I hope<br>
>>> they fix that or the spec (I don't care which). myopenid and verisign don't<br>
>>> support it at all, and the larger popup window size I give non-supporters<br>
>>> isn't apparently big enough for their large window demands. I'll see if I<br>
>>> can fix that by just giving them a bigger window. Ideally, I hope this<br>
>>> encourages these OPs to shrink their UI so it fits in smaller windows.<br>
>>><br>
>>> imho, I would prefer a new tab being opened if there is no known window<br>
>>> dimensions. Unfortunately, that creates an even more inconsistent user<br>
>>> experience.<br>
>>><br>
>>> Besides that, myopenid and Verisign aren't likely to be displayed in the<br>
>>> final UI kit that I'm building until they meet the guidelines I wrote up.<br>
>>> RPs can always add them though.<br>
>>>><br>
>>>> You'll also notice that the MyOpenID popup is slightly hiding its<br>
>>>> security feature on the top right. There's just no excuse for that.<br>
>>><br>
>>> I agree. But see above.<br>
>>>><br>
>>>> The automatic redirecting is absolutely atrocious! Even just trying to<br>
>>>> test this out for feedback was excruciating. It is impossible to change my<br>
>>>> choice once I have made a choice. Page load tries to redirect. Clicking<br>
>>>> login tries to redirect. My history gets mangled and I can't hit the back<br>
>>>> button. Between the popups and the redirects, a standard user might (and<br>
>>>> should) think they have a virus.<br>
>>><br>
>>> Now here you've lost me. Can you explain more precisely what's going on?<br>
>>> Maybe it's a Mac thing (which I would of course still want to fix), but why<br>
>>> do you say it's impossible to change your choice once you've made one? If<br>
>>> you click one Provider and log in, you absolutely can pick another provider<br>
>>> the next time you log in (although we make them appear grayer than the rest<br>
>>> to discourage this). But remember this is targeted at normal users -- it's<br>
>>> not targeted for testing multiple OPs. So a normal user would want to keep<br>
>>> clicking the same button in order to avoid splintering their identity.<br>
>>> That's a common complaint about OpenID: "Which button did I click on last<br>
>>> time?" Or more practically: "I logged in [with the wrong button] and now<br>
>>> all my stuff is gone!" Although the other buttons are gray, you can still<br>
>>> click them.<br>
>>><br>
>>> I thought that was an intentional feature. I made a provider choice,<br>
>>> clicked through to the provider, did not login (maybe that makes the<br>
>>> difference?), went back to the original page and each time it would load for<br>
>>> a second then instantly redirect me back to the OP I chose.<br>
>>> I had to load your page, hit stop quickly, click Login, hit stop quickly,<br>
>>> then choose another provider. (You can understand my frustration! hah)<br>
>>> I wouldn't mind the auto-redirects if there were a visual countdown such<br>
>>> as:<br>
>>> "You previously chose X as your provider. Redirecting in 3....2....1..."<br>
>>> with a cancel button to make another choice.<br>
>>> I don't really see how this could be an OS-specific issue. If you have<br>
>>> trouble duplicating this, contact me directly, I'll try to help pinpoint it.<br>
>>><br>
>>> Now what about this "page load tries to redirect". What does that mean?<br>
>>> I've seen sites where the Back button takes you to a page that redirects<br>
>>> you "forward" again, which is very aggravating. But on my browsers, this<br>
>>> doesn't happen. The back button works as expected. Can you elaborate about<br>
>>> what's broken?<br>
>>>><br>
>>>> It also wouldn't hurt to provide a little information about OpenID since<br>
>>>> it is an option. Even linking to a tutorial site to provide more information<br>
>>>> would be helpful (hey! and you could use another popup!). Ok, maybe that<br>
>>>> last remark was a little mean. I appreciate the effort. I really need to put<br>
>>>> together a demo. I really hope you found my feedback useful.<br>
>>><br>
>>> Here I disagree with you, but your opinion is appreciated nonetheless.<br>
>>> This is not a "promote OpenID" design. Some of the loudest feedback I hear<br>
>>> from users who fail to log into RPs is that they don't know what OpenID is<br>
>>> and they leave. This UI is designed for maximum user conversions to the<br>
>>> RP's services, not to OpenID. RPs want users to log in -- they don't care<br>
>>> whether users know what OpenID is, and users don't visit random RPs to learn<br>
>>> about what OpenID is.<br>
>>><br>
>>> I only suggested it as OpenID is an option. It don't think it would hurt<br>
>>> since you're already expanding the window with an input field to have a<br>
>>> small link saying "What is this?" After all, that could easily be a path of<br>
>>> discovery for many people who just haven't heard of OpenID yet but would<br>
>>> love if they understood it.<br>
>>><br>
>>> A design requirement is to keep the UI as simple as possible, while<br>
>>> providing flexibility where needed for power users. So links to learn about<br>
>>> OpenID will be limited to what the RP's attorneys insist on saying for<br>
>>> liability reasons.<br>
>>> Yes, your feedback was helpful -- and can be more so if you can provide<br>
>>> some more detail about the issues I asked for more detail about.<br>
>>>><br>
>>>> =Rabbit<br>
>>>><br>
>>><br>
>>><br>
>><br>
>><br>
><br>
><br>
</div></div><div><div></div><div class="h5">> _______________________________________________<br>
> general mailing list<br>
> <a href="mailto:general@lists.openid.net">general@lists.openid.net</a><br>
> <a href="http://lists.openid.net/mailman/listinfo/openid-general" target="_blank">http://lists.openid.net/mailman/listinfo/openid-general</a><br>
><br>
><br>
</div></div></blockquote></div><br></div>