[Openid-specs-ab] Identifiers and discovery.

Axel.Nennker at telekom.de Axel.Nennker at telekom.de
Wed Apr 13 08:15:46 UTC 2011 

Similar for me. I gave up on trying to attend because 4pm PT is 1am here, so I went to sleep at 23:30 and could have made it for midnight.
Anyway.

Regarding identifiers: Some people expect that the openid is "fancy" and easy to distiguish.
Example: @t is much cooler than @AxelNennker or pt at fb.com is cooler than user4711 at facebook.com or
https://me.google.com/AxelNennker is cooler than https://me.google.com/users/lasjkflasdflsajfljal02384ß20183lskadjfölsafj

The uglier ones achieve the goal of beeing not reassigned much easier than the prettier ones.

Display Names are an related issue: I guess that there are more than one "Mike Jones" in Microsoft possibly even more than one "Michael B. Jones". Each has a unique identifier which might be reassigned (after a grace period) to a new Michael B. Jones.

This is not only a technical problem. People want the pretty identifiers.
The best we can achieve, I think, is that users never see the unique, never reassigned (, maybe global) identifiers.
And that the UI for the display names is powerfull enough to help me to find the Mike Jones I want to reach.

Example: Consider a blog post with comments by openid users. The blog received a sreg fullname and the openid.claimed_id and openid.identity.
Now it renders the fullname on the html page giving us comment by several Mike Jones. The "social" rendering would allow my user agent to render the comments from my friend list other than comments from people I don't know.

Ok, this moves away from pure protocol issues and issuer policy to OC best practices and UI issues.
I am not sure how the openid abc wg "protocol" group can solve this non technical problems.

-Axel

> -----Original Message-----
> From: openid-specs-ab-bounces at lists.openid.net 
> [mailto:openid-specs-ab-bounces at lists.openid.net] On Behalf 
> Of Breno de Medeiros
> Sent: Tuesday, April 12, 2011 6:18 PM
> To: openid-specs-ab at lists.openid.net
> Subject: [Openid-specs-ab] Identifiers and discovery.
> 
> I hope Nat's well.
> 
> I was in a meeting at 3:00pm (that I scheduled after JBradley asserted
> the conference call would take place as usual at 4pm). When I joined,
> Mike Jones and Nat were dropping off the call.
> 
> That left JBradley and I on the call. We had a discussion on
> identifiers and discovery.
> 
> I would like to continue this conversation via email, as it's 
> an important one.
> 
> 
> Currently, Google's proposal on identifiers is:
> 
> - Identifiers are unique to the user and non-reassignable within the
> scope of the issuer. However, they need not be globally unique.
> 
> - Id_tokens attest to the issuer and therefore provide a statement of
> the globally unique (issuer_id, user_id) pair. If the signature is
> based on PK, these tokens are also universally verifiable and fully
> portable.
> 
> Looking forward to an interesting discussion,
> 
> -- 
> --Breno
> _______________________________________________
> Openid-specs-ab mailing list
> Openid-specs-ab at lists.openid.net
> http://lists.openid.net/mailman/listinfo/openid-specs-ab
>

More information about the Openid-specs-ab mailing list