<html><head></head><body style="word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line-break: after-white-space; ">Francisco,<div><br></div><div>I think what people are raising is that there is significant execution risk in your good idea.</div><div><br></div><div>In the past browser venders were uncooperative, currently Mozilla is developing their own mega IDP based on their idea of browser extensions.</div><div>If you can get them and the other vendors to cooperate you will have earned all our respect.</div><div><br></div><div>Many of us have gone down the browser extension path. From Sxipper, Seatbelt, Microsofts prototype, Axels several Firefox add ons.</div><div><br></div><div>One thing that slowed people down was the rise of Mobile browsers, and the new security models. Even someone the size of MS could not address all the platforms with extensions.</div><div><br></div><div>Having something that only works on a single platform is a drawback when working with consumers, I know you fall back to regular openID.</div><div><br></div><div>The other approach is providing account chooser services in the cloud, so that you are not dependent on anything other than html 5 to start and then work into browser support.</div><div><br></div><div>Look at <a href="https://sites.google.com/site/oidfacwg/cdsdemo">https://sites.google.com/site/oidfacwg/cdsdemo</a> for one current project.</div><div><br></div><div>I wish you luck, however i think you have chosen a difficult path for yourself. </div><div><br></div><div>Regards</div><div>John B.</div><div><br><div><div>On 2012-02-15, at 9:39 PM, Francisco Corella wrote:</div><br class="Apple-interchange-newline"><blockquote type="cite"><div><div style="color:#000; background-color:#fff; font-family:times new roman, new york, times, serif;font-size:12pt"><div><span>Axel,<br><br>I looked at your add-on. I actually installed it and tried it out,<br>but somehow I didn't recognize my identity providers.<br><br>The idea of supplying the openid to an input field of the RP by<br>dragging the OpenID icon is nice. My approach, which depends on RP,<br>IdP and browser enhancements, is a little simpler: there is no input<br>field.<br><br>Francisco<br></span><br><blockquote style="border-left: 2px solid rgb(16, 16, 255); margin-left: 5px; margin-top: 5px; padding-left: 5px;"> <div style="font-family: times new roman, new york, times, serif; font-size: 12pt;"> <div style="font-family: times new roman, new york, times, serif; font-size: 12pt;"> <div dir="ltr"> <font face="Arial" size="2"> <hr size="1"> <b><span style="font-weight:bold;">From:</span></b> "<a href="mailto:Axel.Nennker@telekom.de">Axel.Nennker@telekom.de</a>"
<<a href="mailto:Axel.Nennker@telekom.de">Axel.Nennker@telekom.de</a>><br> <b><span style="font-weight: bold;">To:</span></b> <a href="mailto:fcorella@pomcor.com">fcorella@pomcor.com</a>; <a href="mailto:markus.sabadello@gmail.com">markus.sabadello@gmail.com</a>; <a href="mailto:chris.messina@gmail.com">chris.messina@gmail.com</a> <br><b><span style="font-weight: bold;">Cc:</span></b> <a href="mailto:openid-general@lists.openid.net">openid-general@lists.openid.net</a>; <a href="mailto:kplewison@pomcor.com">kplewison@pomcor.com</a> <br> <b><span style="font-weight: bold;">Sent:</span></b> Wednesday, February 15, 2012 12:35 AM<br> <b><span style="font-weight: bold;">Subject:</span></b> RE: [OpenID] One-Click OpenID: A Solution to the NASCAR Problem<br> </font> </div> <br>
<div id="yiv324281148"><style><!--
#yiv324281148
_filtered #yiv324281148 {font-family:"MS Mincho";
panose-1:2 2 6 9 4 2 5 8 3 4;}
_filtered #yiv324281148 {font-family:"MS Gothic";
panose-1:2 11 6 9 7 2 5 8 2 4;}
_filtered #yiv324281148 {font-family:"MS Gothic";
panose-1:2 11 6 9 7 2 5 8 2 4;}
_filtered #yiv324281148 {font-family:Calibri;
panose-1:2 15 5 2 2 2 4 3 2 4;}
_filtered #yiv324281148 {font-family:Tahoma;
panose-1:2 11 6 4 3 5 4 4 2 4;}
_filtered #yiv324281148 {
panose-1:2 2 6 9 4 2 5 8 3 4;}
_filtered #yiv324281148 {
panose-1:2 11 6 9 7 2 5 8 2 4;}
#yiv324281148
#yiv324281148 p.yiv324281148MsoNormal, #yiv324281148 li.yiv324281148MsoNormal, #yiv324281148 div.yiv324281148MsoNormal
{margin:0cm;
margin-bottom:.0001pt;
font-size:12.0pt;
font-family:"serif";}
#yiv324281148 a:link, #yiv324281148 span.yiv324281148MsoHyperlink
{
color:blue;
text-decoration:underline;}
#yiv324281148 a:visited, #yiv324281148 span.yiv324281148MsoHyperlinkFollowed
{
color:purple;
text-decoration:underline;}
#yiv324281148 pre
{
margin:0cm;
margin-bottom:.0001pt;
font-size:10.0pt;
font-family:"Courier New";}
#yiv324281148 span.yiv324281148tab
{}
#yiv324281148 span.yiv324281148EmailStyle18
{
font-family:"sans-serif";
color:#1F497D;}
#yiv324281148 span.yiv324281148HTMLPreformattedChar
{
font-family:"Courier New";}
#yiv324281148 .yiv324281148MsoChpDefault
{
font-size:10.0pt;}
_filtered #yiv324281148 {
margin:70.85pt 70.85pt 2.0cm 70.85pt;}
#yiv324281148 div.yiv324281148WordSection1
{}
--></style><div><div class="yiv324281148WordSection1"><div class="yiv324281148MsoNormal"><span style="color:#1F497D;">I propose to add some id-related functionality to the window object and have blogged about it here:</span></div><div class="yiv324281148MsoNormal"><span style="color:#1F497D;"><a href="http://ignisvulpis.blogspot.com/2011/03/all-those-nascars.html">http://ignisvulpis.blogspot.com/2011/03/all-those-nascars.html</a> and some other posts around that time.</span></div><div class="yiv324281148MsoNormal"><span style="color:#1F497D;"> </span></div><div class="yiv324281148MsoNormal"><span style="color:#1F497D;">The basic idea is to add some code like this to the RP’s pages:</span></div><div class="yiv324281148MsoNormal"><span style="color:#1F497D;"> </span></div><div class="yiv324281148MsoNormal"><span style="color:#1F497D;">function onLoad() {</span></div><div class="yiv324281148MsoNormal"> if (window.openid) { </div><pre><span style="font-size:12.0pt;font-family:"serif";"> window.openid.getPreferredOpenidProvider(callback);</span></pre><div class="yiv324281148MsoNormal"> } else {</div><div class="yiv324281148MsoNormal"> // show the NASCAR or whatever</div><div class="yiv324281148MsoNormal"> }</div><div class="yiv324281148MsoNormal"><span style="color:#1F497D;">}</span></div><div class="yiv324281148MsoNormal"><span style="color:#1F497D;"> </span></div><div class="yiv324281148MsoNormal"><span style="color:#1F497D;">The acceptable Idp could be a parameter to the </span>getPreferredOpenidProvider method but most OC accept any OpenID anyway…</div><div class="yiv324281148MsoNormal"> </div><div class="yiv324281148MsoNormal">The addon that implements this is here: <a rel="nofollow" target="_blank" href="https://addons.mozilla.org/en-US/firefox/addon/openid-for-firefox/">https://addons.mozilla.org/en-US/firefox/addon/openid-for-firefox/</a></div><div class="yiv324281148MsoNormal">It learns your openid too by looking for id_res in a server response.</div><div class="yiv324281148MsoNormal"> </div><div class="yiv324281148MsoNormal">Axel</div><div class="yiv324281148MsoNormal"><span style="font-size:11.0pt;font-family:"sans-serif";color:#1F497D;"> </span></div><div class="yiv324281148MsoNormal"><span style="font-size:11.0pt;font-family:"sans-serif";color:#1F497D;"> </span></div><div class="yiv324281148MsoNormal"><span style="font-size:11.0pt;font-family:"sans-serif";color:#1F497D;"> </span></div><div><div style="border:none;border-top:solid #B5C4DF 1.0pt;padding:3.0pt 0cm 0cm 0cm;"><div class="yiv324281148MsoNormal"><b><span style="font-size:10.0pt;font-family:"sans-serif";">From:</span></b><span style="font-size:10.0pt;font-family:"sans-serif";"> <a href="mailto:openid-general-bounces@lists.openid.net">openid-general-bounces@lists.openid.net</a> [mailto:openid-general-bounces@lists.openid.net] <b>On Behalf Of </b>Francisco Corella<br><b>Sent:</b> Wednesday, February 15, 2012 7:02 AM<br><b>To:</b> Markus Sabadello; Chris Messina<br><b>Cc:</b> OpenID General; Karen Lewison<br><b>Subject:</b> Re: [OpenID] One-Click OpenID: A Solution to the NASCAR Problem</span></div></div></div><div class="yiv324281148MsoNormal"> </div><div><div class="yiv324281148MsoNormal" style="background:white;"><span style="color:black;">Markus:<br><br>OpenID Selector is not a solution to the NASCAR problem, it is the<br>NASCAR problem itself. It's a good example of what I'm trying to<br>avoid.<br><br>Everybody:<br><br>Before telling me that what I'm proposing has been done before, please<br>read what I'm proposing. Or if
that takes too much effort, please<br>consider this: in my solution, the relying party displays a single<br>button "Login with OpenID". The user clicks on the button and is<br>automagically redirected to her preferred OpenID provider, even if the<br>relying party has never heard of it.<br><br>Hint: if you want to criticize this, you could criticize the fact<br>that it requires an ad-hoc HTTP header, and ad-hoc HTML tag, and new<br>browser functionality. Messieurs les Anglais, tirez les premiers.<br><br>Francisco</span></div><div><blockquote style="border:none;border-left:solid #1010FF 1.5pt;padding:0cm 0cm 0cm 4.0pt;margin-left:3.75pt;margin-top:3.75pt;margin-bottom:5.0pt;"><div class="yiv324281148MsoNormal" style="background:white;"><span style="color:black;"> </span></div><div><div><div><div class="yiv324281148MsoNormal" style="text-align:center;background:white;" align="center"><span style="font-size:10.0pt;font-family:"sans-serif";color:black;"><hr align="center" size="1" width="100%"></span></div><div class="yiv324281148MsoNormal" style="background:white;"><b><span style="font-size:10.0pt;font-family:"sans-serif";color:black;">From:</span></b><span style="font-size:10.0pt;font-family:"sans-serif";color:black;"> Markus Sabadello <<a href="mailto:markus.sabadello@gmail.com">markus.sabadello@gmail.com</a>><br><b>To:</b> Chris Messina <<a href="mailto:chris.messina@gmail.com">chris.messina@gmail.com</a>> <br><b>Cc:</b> Francisco Corella <<a href="mailto:fcorella@pomcor.com">fcorella@pomcor.com</a>>; OpenID General <<a href="mailto:openid-general@lists.openid.net">openid-general@lists.openid.net</a>>; Karen Lewison <<a href="mailto:kplewison@pomcor.com">kplewison@pomcor.com</a>> <br><b>Sent:</b> Tuesday, February 14, 2012 2:41 PM<br><b>Subject:</b> Re: [OpenID] One-Click OpenID: A Solution to the NASCAR Problem</span><span style="color:black;"></span></div></div><div class="yiv324281148MsoNormal" style="background:white;"><span style="color:black;"> </span></div><div id="yiv324281148"><div class="yiv324281148MsoNormal" style="background:white;"><span style="color:black;">Yes this has existed before.</span></div><div><div class="yiv324281148MsoNormal" style="background:white;"><span style="color:black;">At the OpenID Summit in Nov 2009, this was called "OpenID Selector", and then later "Active Client".</span></div></div><div><div class="yiv324281148MsoNormal" style="background:white;"><span style="color:black;">Mike Jones did a demo of an OpenID-enabled version of CardSpace that could remember your OpenIDs and allowed one-click login.</span></div></div><div><div class="yiv324281148MsoNormal" style="background:white;"><span style="color:black;">And myself, I did a demo of the Higgins equivalent.</span></div></div><div><div class="yiv324281148MsoNormal" style="background:white;"><span style="color:black;">Here are some old slides and info:</span></div></div><div><div class="yiv324281148MsoNormal" style="background:white;"><span style="color:black;"><a href="http://wiki.openid.net/w/page/12995207/2009%20OpenID%20Summit">http://wiki.openid.net/w/page/12995207/2009%20OpenID%20Summit</a> </span></div></div><div><div class="yiv324281148MsoNormal" style="background:white;"><span style="color:black;"> </span></div></div><div><div class="yiv324281148MsoNormal" style="background:white;"><span style="color:black;">Markus<br>-- </span></div><div><div class="yiv324281148MsoNormal" style="background:white;"><span style="color:black;">Project Danube: <a href="http://projectdanube.org/">http://projectdanube.org/</a></span></div></div><div><div class="yiv324281148MsoNormal" style="background:white;"><span style="color:black;">PDEC: <a href="http://personaldataecosystem.org/">http://personaldataecosystem.org/</a></span></div></div></div><div><div><div class="yiv324281148MsoNormal" style="background:white;"><span style="color:black;"> </span></div></div><div><div class="yiv324281148MsoNormal" style="background:white;"><span style="color:black;">On Tue, Feb 14, 2012 at 7:18 AM, Chris Messina <<a rel="nofollow" ymailto="mailto:chris.messina@gmail.com" target="_blank" href="mailto:chris.messina@gmail.com">chris.messina@gmail.com</a>> wrote:</span></div><div><div class="yiv324281148MsoNormal" style="margin-bottom:12.0pt;background:white;"><span style="color:black;"><br><br>On Monday, February 13, 2012, Francisco Corella <<a rel="nofollow" ymailto="mailto:fcorella@pomcor.com" target="_blank" href="mailto:fcorella@pomcor.com">fcorella@pomcor.com</a>> wrote:<br>> Chris,<br>><br>>> You may also be interested in some of the Social Agent work I did with<br>>> Mozilla around baking identity into the browser:<br>>><br>>> <a href="http://factoryjoe.com/social-agent/">http://factoryjoe.com/social-agent/</a><br>>> <a href="http://factoryjoe.com/blog/2010/03/12/the-social-agent-part-2-connect/">http://factoryjoe.com/blog/2010/03/12/the-social-agent-part-2-connect/</a><br>><br>> Thanks for link. Interesting. I agree that there are similarities.<br>> In particular, your Activate step is similar to setting an identity<br>> provider as the
default in my scheme.<br>><br>>> So long as choice of IDP is something that you want to provide the<br>>> user, something like the NASCAR, a search box, or an email field will<br>>> still be necessary to help them get started.<br>><br>> No. A solution based on a cookie set by relying party to remember<br>> what identity provider has been used on a previous visit would need<br>> something to "get started". </span></div></div><div class="yiv324281148MsoNormal" style="background:white;"><span style="color:black;">Right, I'm asking about the first time visit. Not about a re-visit. </span></div><div><div class="yiv324281148MsoNormal" style="margin-bottom:12.0pt;background:white;"><span style="color:black;"><br>> But in my solution the <idp> element<br>> tells the relying party what identity provider the user wants to use<br>> even if the user has never visited the relying party
before.</span></div></div><div class="yiv324281148MsoNormal" style="background:white;"><span style="color:black;">I believe this was a feature of CardSpace/Infocard. </span></div><div><div><div class="yiv324281148MsoNormal" style="margin-bottom:12.0pt;background:white;"><span style="color:black;"><br><br>><br>> Francisco<br>><br>> ________________________________<br>> From: Chris Messina <<a rel="nofollow" ymailto="mailto:chris.messina@gmail.com" target="_blank" href="mailto:chris.messina@gmail.com">chris.messina@gmail.com</a>><br>> To: Francisco Corella <<a rel="nofollow" ymailto="mailto:fcorella@pomcor.com" target="_blank" href="mailto:fcorella@pomcor.com">fcorella@pomcor.com</a>>; Dick Hardt <<a rel="nofollow" ymailto="mailto:dick.hardt@gmail.com" target="_blank" href="mailto:dick.hardt@gmail.com">dick.hardt@gmail.com</a>><br>> Cc: OpenID General <<a rel="nofollow" ymailto="mailto:openid-general@lists.openid.net" target="_blank" href="mailto:openid-general@lists.openid.net">openid-general@lists.openid.net</a>>; Karen Lewison <<a rel="nofollow" ymailto="mailto:kplewison@pomcor.com" target="_blank" href="mailto:kplewison@pomcor.com">kplewison@pomcor.com</a>><br>> Sent: Monday, February 13, 2012 6:52 PM<br>> Subject: Re: [OpenID] One-Click OpenID: A Solution to the NASCAR Problem<br>><br>> You may also be interested in some of the Social Agent work I did with Mozilla around baking identity into the browser:<br>> <a rel="nofollow" target="_blank" href="http://factoryjoe.com/social-agent/">http://factoryjoe.com/social-agent/</a><br>> <a rel="nofollow" target="_blank" href="http://factoryjoe.com/blog/2010/03/12/the-social-agent-part-2-connect/">http://factoryjoe.com/blog/2010/03/12/the-social-agent-part-2-connect/</a><br>> So long as choice of IDP is something that you want to provide the
user, something like the NASCAR, a search box, or an email field will still be necessary to help them get started.<br>><br>> On Mon, Feb 13, 2012 at 5:12 PM, Dick Hardt <<a rel="nofollow" ymailto="mailto:dick.hardt@gmail.com" target="_blank" href="mailto:dick.hardt@gmail.com">dick.hardt@gmail.com</a>> wrote:<br>><br>> Not really a new idea -- but nice to see people are still thinking about things.<br>> Challenges:<br>> How do you deal with the user getting a new machine? Is there a way to sync IDPs or does the user need to log into all the IDPs on a new machine before they can log into sites?<br>> How does this degrade for browsers that do not support storing the IDP (i.e., all the existing browsers out there)?<br>> -- Dick<br>> On Feb 13, 2012, at 6:00 PM, Francisco Corella wrote:<br>><br>> FYI:<br>> One-Click OpenID: A Solution to the NASCAR Problem, blog post at<br>>
<a href="http://pomcor.com/2012/02/13/one-click-openid-a-solution-to-the-nascar-problem/">http://pomcor.com/2012/02/13/one-click-openid-a-solution-to-the-nascar-problem/</a><br>> Comments welcome.<br>><br>> Francisco<br>><br>> Francisco Corella, PhD<br>> Founder & CTO, Pomcor<br>> Twitter: @fcorella<br>> Blog: <a href="http://pomcor.com/blog/">http://pomcor.com/blog/</a><br>> Web site: <a href="http://pomcor.com">http://pomcor.com</a><br>> _______________________________________________<br>> general mailing list<br>> <a rel="nofollow" ymailto="mailto:general@lists.openid.net" target="_blank" href="mailto:general@lists.openid.net">general@lists.openid.net</a><br>> <a href="http://lists.openid.net/mailman/listinfo/openid-general">http://lists.openid.net/mailman/listinfo/openid-general</a><br>><br>><br>> _______________________________________________<br>> general mailing list<br>> <a rel="nofollow" ymailto="mailto:general@lists.openid.net" target="_blank" href="mailto:general@lists.openid.net">general@lists.openid.net</a><br>> <a rel="nofollow" target="_blank" href="http://lists.openid.net/mailman/listinfo/openid-general">http://lists.openid.net/mailman/listinfo/openid-general</a><br>><br>><br>><br>><br>> --<br>> Chris Messina<br>> User Experience Designer, Google<br>><br>> //<a rel="nofollow" target="_blank" href="http://chrismessina.me/">chrismessina.me</a> | + | @chrismessina<br>> This email is: [ ] shareable [</span><span style="font-family:"MS Mincho";color:black;">✔</span><span style="color:black;">] ask first [ ] private<br>><br>><br>><br><br>-- <br>Chris Messina<br>User Experience Designer, Google</span></div><div><div class="yiv324281148MsoNormal" style="background:white;"><span style="color:black;"><a rel="nofollow" target="_blank" href="http://chrismessina.me/">//chrismessina.me</a> | <a rel="nofollow" target="_blank" href="https://plus.google.com/102034052532213921839">+</a> | <a rel="nofollow" target="_blank" href="http://twitter.com/chrismessina">@chrismessina</a></span></div></div><div><div class="yiv324281148MsoNormal" style="background:white;"><span style="color:black;"> </span></div></div><div class="yiv324281148MsoNormal" style="background:white;"><span style="color:black;">This email is: [ ] shareable [</span><span style="font-size:10.0pt;font-family:"MS Gothic";color:#333333;">✔</span><span style="color:black;">] ask first [ ] private</span></div></div></div><div class="yiv324281148MsoNormal" style="margin-bottom:12.0pt;background:white;"><span style="color:black;"><br>_______________________________________________<br>general mailing list<br><a rel="nofollow" ymailto="mailto:general@lists.openid.net" target="_blank" href="mailto:general@lists.openid.net">general@lists.openid.net</a><br><a rel="nofollow" target="_blank" href="http://lists.openid.net/mailman/listinfo/openid-general">http://lists.openid.net/mailman/listinfo/openid-general</a></span></div></div><div class="yiv324281148MsoNormal" style="background:white;"><span style="color:black;"><br><br clear="all"></span></div><div><div class="yiv324281148MsoNormal" style="background:white;"><span style="color:black;"> </span></div></div><div class="yiv324281148MsoNormal" style="background:white;"><span style="color:black;"> </span></div></div></div><div class="yiv324281148MsoNormal" style="margin-bottom:12.0pt;background:white;"><span style="color:black;"> </span></div></div></div></blockquote></div></div></div></div></div><br><br> </div> </div> </blockquote></div> </div></div>_______________________________________________<br>general mailing list<br><a href="mailto:general@lists.openid.net">general@lists.openid.net</a><br>http://lists.openid.net/mailman/listinfo/openid-general<br></blockquote></div><br></div></body></html>