WebFinger at Google

John Panzer jpanzer at google.com
Tue Mar 23 23:20:05 UTC 2010 

A fundamental premise of Webfinger is that there are a lot of users --
today, probably the majority of the Internet -- who are comfortable with and
know their email address (or email like identifier, like a Jabber ID), who
have no interest in acquiring an HTTP identifier as well, and in fact an
extra HTTP identifier is a hindrance to them using the technology.  So, the
desire to avoid the HTTP identifier in a user visible context derives from
that premise.  And a login ID is definitely user visible; it's how you show
a user who they're currently logged in as, for example.

On Tue, Mar 23, 2010 at 12:39 PM, Paul E. Jones <paulej at packetizer.com>wrote:

>  John,
>
>
>
> Note that this means the user would not be logged in as bob at gmail.com, but
> instead as https://www.google.com/profiles/3234234234234234.  (Since step
> 6 doesn't know anything about steps 1-5.)  I think this has obvious
> usability issues.
>
>
>
> Note that the OP cannot return acct:bob at gmail.com <acct%3Abob at gmail.com>as the claimed_id because the claimed_id has to be an openid, and under this
> proposal acct:bob at gmail.com <acct%3Abob at gmail.com> isn't an OpenID.  So
> the RP _might_ be able to retain both the entered (pre-normalized)
> identifier and the final claimed_id, and display the former to the user and
> the user's friends, but it seems complicated and unwieldy.
>
>
>
> I’m not really sure what to do about the fact that the *real* OpenID
> identifier is something nearly impossible to remember.  Perhaps one might
> argue that “that’s not the way it’s supposed to be.” :-)  Shouldn’t the
> OpenID ID’s – even as HTTP(S) URIs – still be somewhat memorable? That said,
> does it really matter?  If the user always logs in with an email ID that is
> converted using Webfinger into the real OpenID ID, the process is always the
> same.
>
>
>
> I would strongly suggest not trying to hide the OpenID ID or make it hard
> to remember.  Why not https://openid.google.com/bob?  That’s likely easier
> to remember.  So, is your concern with the user having to potentially
> remember two IDs, or the fact that one is impossible to remember? :-)
>
>
>
> Paul
>
>
>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-specs/attachments/20100323/ccc63ee2/attachment.htm>

More information about the specs mailing list