<table cellspacing="0" cellpadding="0" border="0" ><tr><td valign="top" style="font: inherit;"><DIV>Chris,</DIV>
<DIV>I agree that the UX definitely needs to be substantially improved to increase adoption of RPs. Seems like this approach would require OP adoption AND a code library to allow RPs to take advantage of the OP services.</DIV>
<DIV> </DIV>
<DIV>HTML5 may have some nice light-weight options for OPs, but we would need another way as well. Browser-compatibility with HTML5 isn't dominant enough to forget about the older, non-compliant browsers. The iFrame is not a bad idea either, but I was thinking about an AJAX or JQuery library since JavaScript is more portable than any server-side implementation.</DIV>
<DIV>-Daniel </DIV><BR><BR>--- On <B>Mon, 12/14/09, John Panzer <I><jpanzer@google.com></I></B> wrote:<BR>
<BLOCKQUOTE style="PADDING-LEFT: 5px; MARGIN-LEFT: 5px; BORDER-LEFT: rgb(16,16,255) 2px solid"><BR>From: John Panzer <jpanzer@google.com><BR>Subject: Re: Discovery of an OpenID session at an OP<BR>To: "Chris Obdam" <chris.obdam@holder.nl><BR>Cc: openid-specs@lists.openid.net<BR>Date: Monday, December 14, 2009, 9:19 AM<BR><BR>
<DIV class=plainMail>Wondering how to avoid additional round trips... and if there's<BR>anything in html5 that would let OPs advertise existence of sessions<BR>client side.<BR><BR>Or if there should be (perhaps generalized to a service discovery<BR>service on the client).<BR><BR>On Monday, December 14, 2009, Chris Obdam <<A href="http://us.mc1123.mail.yahoo.com/mc/compose?to=chris.obdam@holder.nl" ymailto="mailto:chris.obdam@holder.nl">chris.obdam@holder.nl</A>> wrote:<BR>> Aaahhh. That's nice!<BR>><BR>> Wondering how other people think about this subject!<BR>> Where can I find more info on this subject, perhaps previous discussions?<BR>><BR>> Cheers,<BR>><BR>> Chris<BR>><BR>><BR>> Op 14 dec 2009, om 12:21 heeft David Recordon het volgende geschreven:<BR>><BR>>> Hey Chris,<BR>>> Check out Google's openid.ui.x-has-session parameter, it lets your<BR>>> discover if a user has an active session with
Google. This hasn't<BR>>> really been used yet, but there's a general consensus to roll this<BR>>> sort of functionality into the UX extension once a few RPs and OPs<BR>>> have shown that it works.<BR>>><BR>>> --David<BR>>><BR>>> On Mon, Dec 14, 2009 at 12:48 AM, Chris Obdam <<A href="http://us.mc1123.mail.yahoo.com/mc/compose?to=chris.obdam@holder.nl" ymailto="mailto:chris.obdam@holder.nl">chris.obdam@holder.nl</A>> wrote:<BR>>>> Hi all (again ;-)),<BR>>>><BR>>>> I have implemented OpenID with quite a lot RP's now. Each time I struggle with the UX. Yes it is becoming more and more effective but it's not there yet.<BR>>>><BR>>>> What I would like to offer to my user is automatic discovery of OpenID sessions at the OP. I am already logged in at Google, Hyves (large dutch Social Network), Yahoo and others. But each time I have to select on of those out of a
set of OP's which I don't use.<BR>>>><BR>>>> When I enter a RP, the RP could do a redirect to a OP (in an iframe for example) and ask if the OP has a logged in user. This could be a simple anonymous request which returns a true or false. If true the UX can be different, you know there is a session so you could automatically start a OpenID transaction for the user. The end user only needs to confirm usages of their data (normal first step OpenID).<BR>>>><BR>>>> The RP can decide for it self which OP's to check automatically.<BR>>>><BR>>>> Of course we need to make sure that the end user still has a choice in using his own OP. But know the RP knows that this (anonymous) user has an OpenID or not, and if so, where.<BR>>>><BR>>>> Yes, this means an extra load on the OP's, but I hope they don't mind. If you supply this service as an Op it means that your users will be using their
indentity a bit more on other websites, hopefully. Which is a big +. (Maybe Allen Tom can react on this one? ;-))<BR>>>><BR>>>> I think there a no real privacy issues with this idea? Ok, you know from this anonymous user that he or she has an OpenID with XXX, but is that a bad thing?<BR>>>><BR>>>> Hope to get some comments on my thoughts!<BR>>>><BR>>>> Cheers,<BR>>>><BR>>>> Chris<BR>>>> OpenID Holland<BR>>>> _______________________________________________<BR>>>> specs mailing list<BR>>>> <A href="http://us.mc1123.mail.yahoo.com/mc/compose?to=specs@lists.openid.net" ymailto="mailto:specs@lists.openid.net">specs@lists.openid.net</A><BR>>>> <A href="http://lists.openid.net/mailman/listinfo/openid-specs" target=_blank>http://lists.openid.net/mailman/listinfo/openid-specs</A><BR>>>><BR>><BR>>
_______________________________________________<BR>> specs mailing list<BR>> <A href="http://us.mc1123.mail.yahoo.com/mc/compose?to=specs@lists.openid.net" ymailto="mailto:specs@lists.openid.net">specs@lists.openid.net</A><BR>> <A href="http://lists.openid.net/mailman/listinfo/openid-specs" target=_blank>http://lists.openid.net/mailman/listinfo/openid-specs</A><BR>><BR><BR>-- <BR>--<BR>John Panzer / Google<BR><A href="http://us.mc1123.mail.yahoo.com/mc/compose?to=jpanzer@google.com" ymailto="mailto:jpanzer@google.com">jpanzer@google.com</A> / abstractioneer.org / @jpanzer<BR>_______________________________________________<BR>specs mailing list<BR><A href="http://us.mc1123.mail.yahoo.com/mc/compose?to=specs@lists.openid.net" ymailto="mailto:specs@lists.openid.net">specs@lists.openid.net</A><BR><A href="http://lists.openid.net/mailman/listinfo/openid-specs"
target=_blank>http://lists.openid.net/mailman/listinfo/openid-specs</A><BR></DIV></BLOCKQUOTE></td></tr></table><br>