Chris MessinaAdminChris Messina (Admin, OpenID)

My feedback

  1. 194 votes
    Vote
    Sign in
    Check!
    (thinking…)
    Reset
    or sign in with
    • facebook
    • google
      Password icon
      I agree to the terms of service
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      35 comments  ·  Ideas  ·  Flag idea as inappropriate…  ·  Admin →
      Chris MessinaAdminChris Messina (Admin, OpenID) commented  · 

      Thanks for the suggestion. I worry that people might start using that "demo account" on other websites, and once it's turned off, they'd be locked out of their accounts. Such an "open" OpenID provider might also be used for spamming purposes, so it might not be a great idea either.

      We certainly need to make it more obvious how OpenID works... to that I end, I mocked up one approach: http://www.flickr.com/photos/factoryjoe/3841182425/in/photostream/

    • 6 votes
      Vote
      Sign in
      Check!
      (thinking…)
      Reset
      or sign in with
      • facebook
      • google
        Password icon
        I agree to the terms of service
        Signed in as (Sign out)
        You have left! (?) (thinking…)
        3 comments  ·  Ideas  ·  Flag idea as inappropriate…  ·  Admin →
        Chris MessinaAdminChris Messina (Admin, OpenID) commented  · 

        Good point. That's a bigger challenge with OpenID in general... akin to the "forgot your email address or username?" challenge...

      • 12 votes
        Vote
        Sign in
        Check!
        (thinking…)
        Reset
        or sign in with
        • facebook
        • google
          Password icon
          I agree to the terms of service
          Signed in as (Sign out)
          You have left! (?) (thinking…)
          1 comment  ·  Ideas  ·  Flag idea as inappropriate…  ·  Admin →
          Chris MessinaAdminChris Messina (Admin, OpenID) commented  · 

          I think the issue is that we haven't well specified how RPs should allow people to associate many ids and OpenIDs to their accounts. This is called "account linking" or "identity consolidation". Facebook actually does this fairly well (even though they haven't exposed it on facebook.com):

          http://www.flickr.com/photos/factoryjoe/3710821195/

          Other examples:

          http://www.flickr.com/photos/factoryjoe/415701438/
          http://www.flickr.com/photos/factoryjoe/2866344599/
          http://www.flickr.com/photos/factoryjoe/3134299086/

          But you're right — this is something that's left to each provider. We can only really provide guidance.

        • 74 votes
          Vote
          Sign in
          Check!
          (thinking…)
          Reset
          or sign in with
          • facebook
          • google
            Password icon
            I agree to the terms of service
            Signed in as (Sign out)
            You have left! (?) (thinking…)
            8 comments  ·  Ideas  ·  Flag idea as inappropriate…  ·  Admin →

            There’s nothing in the OpenID protocol that would really allow this, especially from the data side of things. Unlike, say, credit cards, where you can transfer your balance between different providers, data transfer between different OPs requires a bit more leg work.

            What kind of data are you talking about?

            Chris MessinaAdminChris Messina (Admin, OpenID) commented  · 

            I don't understand how that would work... that would suggest being able to merge multiple URLs... and the only way that would work would be through redirects or forwards, which of course wouldn't work on identities that you don't host or control.

            How do you envision this working?

          • 1,056 votes
            Vote
            Sign in
            Check!
            (thinking…)
            Reset
            or sign in with
            • facebook
            • google
              Password icon
              I agree to the terms of service
              Signed in as (Sign out)
              You have left! (?) (thinking…)
              started  ·  331 comments  ·  Ideas  ·  Flag idea as inappropriate…  ·  Admin →
              Chris MessinaAdminChris Messina (Admin, OpenID) commented  · 

              We're working on this — it won't happen right away, but in the next few months, I think that we'll have several reusable messages for addressing different audiences.

            • 24 votes
              Vote
              Sign in
              Check!
              (thinking…)
              Reset
              or sign in with
              • facebook
              • google
                Password icon
                I agree to the terms of service
                Signed in as (Sign out)
                You have left! (?) (thinking…)
                started  ·  4 comments  ·  Ideas  ·  Flag idea as inappropriate…  ·  Admin →
                Chris MessinaAdminChris Messina (Admin, OpenID) commented  · 

                ideas.openid.net is hosted by UserVoice.

                As for the cert on OpenID.net, I can ask around and see what the thinking is so far.

              • 19 votes
                Vote
                Sign in
                Check!
                (thinking…)
                Reset
                or sign in with
                • facebook
                • google
                  Password icon
                  I agree to the terms of service
                  Signed in as (Sign out)
                  You have left! (?) (thinking…)
                  5 comments  ·  Ideas  ·  Flag idea as inappropriate…  ·  Admin →
                  Chris MessinaAdminChris Messina (Admin, OpenID) commented  · 

                  @malcolmhathaway: I think convenience, utility and usability will accelerate the use of OpenID. Once that happens, additional security services will probably become more attractive.

                  Chris MessinaAdminChris Messina (Admin, OpenID) commented  · 

                  Yep, this is possible with OpenID, and folks like Yubikey are already doing this.

                • 4 votes
                  Vote
                  Sign in
                  Check!
                  (thinking…)
                  Reset
                  or sign in with
                  • facebook
                  • google
                    Password icon
                    I agree to the terms of service
                    Signed in as (Sign out)
                    You have left! (?) (thinking…)
                    9 comments  ·  Ideas  ·  Flag idea as inappropriate…  ·  Admin →
                    Chris MessinaAdminChris Messina (Admin, OpenID) commented  · 

                    A couple responses... You should take a look at the "Identity in the Browser" project:

                    http://idib.googlecode.com

                    It leaves a lot to be desired, but it's an effort to get OpenID into the browser.

                    Second, that the browser "knows about all your accounts" is a large part of why I thought Flock should be a browser and not a bunch of extensions. The browser is in the perfect place to act as the user's agent!

                    Lastly, about RSS... it took a lot more than just a browser button -- you had to convince publishers to actually support the format! That's the hard part -- similar to getting more sites to support signing in with OpenID. We're working on it — and having folks like you out there able to tell the story of OpenID and explain its benefits is critical to our success.

                    Chris MessinaAdminChris Messina (Admin, OpenID) commented  · 

                    That's a curious point. Do you have specific ideas for how they could better support OpenID? The large companies are very involved in driving the technology and supporting the Foundation, but, apart from Yahoo, there isn't too much public documentation about their support for OpenID for regular internet users.

                  1 3 Next →

                  Feedback and Knowledge Base