openid.ui.mode for embedded devices

Hitoshi Uchida hitoshi.uchida at
Sat Feb 20 05:16:59 UTC 2010


Thank you for your suggestions. I agree those various way for
authentication causes users better user experience. And Brian Kissel,
I'm interested in RPX service, thank you.

However, I think those authentication ways are generally used for
enterprise use case. I talk about 'embedded devices use case' which
connect to consumer service (YouTube, Picasa, Flickr, Twitter ...)
using also OAuth or WRAP; for instance, that is OpenID/OAuth hybrid.

Those users I assume don't know and have own infoCard and so on in his
devices, and would like to use most simple way to authenticate
themselves against OP. Above consumer services also use only
username/password authentication way.

In OpenID2.0, the spec improved user experience of RP;that is, users
need not to specify their own OpenID against RP.
In OAuth WRAP, the spec supports both enterprise use case (5.2
Assertion Profile) and consumer service use case(5.3 Username and
Password Profile, 5.5 Rich App Profile).
However, both latest OpenID and  OAuth WRAP (5.4 Web App Profile)
doesn't improve user experience between users and OP.

Concerning how to authenticate users without browser-less I posted
past in this thread, I have more ideas for improving user experience
between users and OP. It would be also useful for OAuth.

Best Regards,
Hitoshi Uchida

2010/2/19 Breno <breno.demedeiros at>:
> I think the trend on real sites is to use many inputs to authentication.  At
> the very least Captchas are not uncommon.
> On Feb 18, 2010 6:19 PM, "Brian Kissel" <bkissel at> wrote:
> Hitoshi,
> You can check out  This OpenID service supports InfoCards,
> SSL cert, and phone-based authentication in addition to traditional
> username/password.

Hitoshi Uchida <hitoshi.uchida at>

More information about the user-experience mailing list