A fundamental premise of Webfinger is that there are a lot of users -- today, probably the majority of the Internet -- who are comfortable with and know their email address (or email-like identifier, like a Jabber ID), who have no interest in acquiring an HTTP identifier as well, and in fact an extra HTTP identifier is a hindrance to them using the technology. So, the desire to avoid the HTTP identifier in a user-visible context derives from that premise. And a login ID is definitely user visible; it's how you show a user who they're currently logged in as, for example.<div>
<br></div><div><div class="gmail_quote">On Tue, Mar 23, 2010 at 12:39 PM, Paul E. Jones <span dir="ltr">&lt;<a href="mailto:paulej@packetizer.com">paulej@packetizer.com</a>&gt;</span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex;">
<div lang="EN-US" link="blue" vlink="purple">
<div>
<p class="MsoNormal"><span style="font-size:11.0pt;color:#1F497D">John,</span></p><div class="im">
<p class="MsoNormal"><span style="font-size:11.0pt;color:#1F497D"> </span></p>
<table border="1" cellspacing="0" cellpadding="0" style="border-collapse:collapse;border:none">
<tbody><tr style="min-height:115.5pt">
<td width="638" valign="top" style="width:6.65in;border:none;border-left:solid #00B050 4.5pt;padding:0in 5.4pt 0in 5.4pt;min-height:115.5pt">
<p class="MsoNormal" style="margin-left:5.85pt">Note that this means the user
would not be logged in as <a href="mailto:bob@gmail.com" target="_blank">bob@gmail.com</a>,
but instead as <a href="https://www.google.com/profiles/3234234234234234" target="_blank">https://www.google.com/profiles/3234234234234234</a>.
(Since step 6 doesn't know anything about steps 1-5.) I think
this has obvious usability issues.</p>
<p class="MsoNormal"><span style="font-size:11.0pt;color:#1F497D"> </span></p>
<p class="MsoNormal" style="margin-left:5.85pt">Note that the OP cannot return <a href="mailto:acct%3Abob@gmail.com" target="_blank">acct:bob@gmail.com</a> as the claimed_id
because the claimed_id has to be an openid, and under this proposal <a href="mailto:acct%3Abob@gmail.com" target="_blank">acct:bob@gmail.com</a> isn't an OpenID.
So the RP _might_ be able to retain both the entered (pre-normalized)
identifier and the final claimed_id, and display the former to the user and
the user's friends, but it seems complicated and unwieldy.</p>
</td>
</tr>
</tbody></table>
<p class="MsoNormal"><span style="font-size:11.0pt;color:#1F497D"> </span></p>
</div><p class="MsoNormal"><span style="font-size:11.0pt;color:#1F497D">I’m not really sure what to do about the fact that the <i>real</i>
OpenID identifier is something nearly impossible to remember.  Perhaps one
might argue that “that’s not the way it’s supposed to be.” 
:-)  Shouldn’t the OpenID IDs – even as HTTP(S) URIs –
still be somewhat memorable?  That said, does it really matter?  If the
user always logs in with an email ID that is converted using Webfinger into the
real OpenID ID, the process is always the same.</span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;color:#1F497D"> </span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;color:#1F497D">I would strongly suggest not trying to hide the OpenID ID or
make it hard to remember. Why not <a href="https://openid.google.com/bob" target="_blank">https://openid.google.com/bob</a>?
That’s likely easier to remember. So, is your concern with the user
having to potentially remember two IDs, or the fact that one is impossible to
remember? :-)</span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;color:#1F497D"> </span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;color:#1F497D">Paul</span></p>
</div>
</div>
</blockquote></div><br></div>