"buttons to popular providers" idea is nice... i am planning to use php library by JanRain, Inc. i believe that there're a few more libraries available for php.. wht's ur idea abt them.. which one's better than the others??<br>
<br clear="all">Warm Regards<br>Balasubramanian<br><a href="http://www.icreatesoftwares.co.cc">www.icreatesoftwares.co.cc</a>, <a href="http://www.yourtanpura.co.cc">www.yourtanpura.co.cc</a>, <a href="http://www.quizmasterpro.co.cc">www.quizmasterpro.co.cc</a><br>
<br><br><div class="gmail_quote">On Tue, Feb 10, 2009 at 1:18 AM, Nate Klingenstein <span dir="ltr"><<a href="mailto:ndk@internet2.edu">ndk@internet2.edu</a>></span> wrote:<br><blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">
<div style="">
Balasubramanian,<div><br></div><div>Unfortunately, the answer to both of your questions today is probably yes.</div><div><br></div><div>However, the difficulties associated with discovery user interfaces(typing URL's doesn't work for most users, so buttons to popular providers is common), or the set of information required beyond authentication like specialized attributes or social data, restricts the set of OP's anyway for some applications. Hopefully a real reputation system or trust fabric will emerge to help resolve the conflict you point out. It's still only on the chalkboard at this point, though.</div>
<div><br></div><div>One last point you might consider, which is a bit frank, is whether a user with an insecure OP is exposing your site or sensitive data to danger, or only themselves. I'm a strong believer in protecting users from themselves, but if you're comfortable with users assuming the risks resulting from choosing a bad OP, and there is no risk to your site, maybe it's okay if you accept all comers.</div>
<div><br></div><div>Take care,</div><div>Nate.</div><div class="Ih2E3d"><div><br></div><div><br><div><div>On 09 Feb 2009, at 19:38, Balasubramanian G wrote:</div><br><blockquote type="cite"><span style="border-collapse: separate; color: rgb(0, 0, 0); font-family: Helvetica; font-size: 12px; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; line-height: normal; text-indent: 0px; text-transform: none; white-space: normal; word-spacing: 0px;">That was a nice reply Nate.. So would it be of some help, if i restrict the users to sign in through some trusted OPs instead of any x y z?? But by doing this am I not breaking one of the rules of thumb in OpenID concept?? That the users can authenticate themselves through any OP which if i restrict, would not be true in my website..</span></blockquote>
</div><br></div></div></div></blockquote></div><br>