The CardSpace factor

[Eric Norman]

This is primarily a response to Johannes, but I
sure don't mind if others chime in.  I don't think
he does either.

On Feb 6, 2007, at 10:05 PM, Johannes Ernst wrote:

> On Feb 6, 2007, at 17:58, Eric Norman wrote:
>> On Feb 6, 2007, at 5:18 PM, Johannes Ernst wrote:
>>> So now that CardSpace (and its eventual equivalent on non-Windows
>>> platforms) is part of the OpenID picture, what does this do to the
>>> user-experience work on this list?
>>
>> Why didn't you say that OpenID is part of the CardSpace picture?
>> I detect some bias and chauvinism sneaking in.
>
> Eric, this is the OpenID user experience list after all ... if this 
> was the CardSpace user experience list -- not sure such a list exists 
> -- then I'd be putting it the other way round. Does this sound 
> unreasonable to you?

It doesn't sound unreasonable at all.

A few months ago, over there on the identitygang list, you
presented your 3 cornered triangle that I interpreted as
representing the areas where major energy in the sense of
code and protocol development and deployment is being exerted
in the identity space.  Everyone seem to have the same goal,
which has been loosely been stated by many: "we want an identity
layer on the Internet".

You then asked what could be done so that evolution in those
three areas would eventually converge toward that goal.  I
thought that was a very significant question.  I also thought
that it wasn't addressed very well.  The discussion seemed to
degenerate into arguments about which corner of triangle is
more user-centric.

This is indeed an OpenID list.  RL "Bob" Morgan tried to
create a CardSpace list, but it isn't really being used.
Anyway, I see the object of the game here as evolution toward
a goal.  Evolution happens by both emergence of new species
and extinction of old.  The way I translate that is that it's
perfectly reasonable to ask what can be added to OpenId that
will promote such evolutionary convergence.  All I'm trying
to point out here is that the OpenID community also needs to
be open to questions about what could be subtracted from
OpenID so that it doesn't inhibit such convergence.

I did get the sense that the question amounted to: "can we
add the CardSpace user experience to the OpenID framework"?
What I'm asking is: "if you do, are there parts of the
OpenID framework that should be just left to atrophy"?

My personal opinion (that means it's a guess on my part) is
that the evolution and convergence will move toward the
situation where something similar to CardSpace becomes the
user experience and the back-end, behind the scenes part
of OpenID is what's added to that.


>> There's a lot more to user experience than passwords, methinks.
>
> Great, then you agree with all of us who have collaborated to assemble 
> this list so far:
>
> http://openid.net/wiki/index.php/User_Experience

Yes I agree.  I'm new here and hadn't seen that yet.
Thanks.  It looks to me like it could use a bit more
of the language and concepts the the human factors and
usability folks use.  I'll see if I can contribute some.

> Feel free to contribute additional cases.
>
>>> 3. broaden the use cases considered to allow OP authentication either
>>>     a. via username/password (traditional)
>>>     b. via CardSpace
>>>     c. via another OpenID authentication process.
>>
>> You want me to supply my "identity URL" in order to see a
>> CardSpace identity selector?  That seems rather odd.
>
> I didn't think I said anything about what I wanted. But feel free to 
> express what you want, that's why we have a mailing list and a wiki 
> after all.

No reason to take it personally.

Here's another possibility.  Using the CardSpace metaphor,
the business card that I remove from my wallet and show
to relying parties contains my OpenID URL.

Eric Norman