OpenID in desktop apps

Chris Messina chris.messina at gmail.com
Sun Feb 8 01:33:54 UTC 2009


I highly recommend that all those whom I cc'd join the user-experience list
at OpenID if you haven't already:
http://openid.net/mailman/listinfo/user-experience

I wanted to point out a disturbing but insightful trend that I've seen in
apps, both on the Mac and iPhone lately... essentially embedding a WebKit
view inside the app for doing delegated authentication. Example:

http://www.flickr.com/photos/factoryjoe/3260710115/

Without the URL bar (presuming that the URL bar hasn't been tampered with),
it's impossible to know who is hosting this page. Facebook is also
none-the-wiser about whether this experience is taking place from within the
browser or within some custom app. I also don't see how this can be stopped.

I'd like to hear your thoughts about this, given our desire to push the
popup experience forward, mandating, I presume, visibility of the URL bar in
these flows.

Chris

-- 
Chris Messina
Citizen-Participant &
 Open Web Advocate-at-Large

factoryjoe.com # diso-project.org
citizenagency.com # vidoop.com
This email is:   [X] bloggable    [ ] ask first   [ ] private
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-user-experience/attachments/20090207/9e54a915/attachment-0002.htm>


More information about the user-experience mailing list