Thanks for the suggestion. I worry that people might start using that "demo account" on other websites, and once it's turned off, they'd be locked out of their accounts. Such an "open" OpenID provider might also be used for spamming purposes, so it might not be a great idea either.
We certainly need to make it more obvious how OpenID works... to that I end, I mocked up one approach: http://www.flickr.com/photos/factoryjoe/3841182425/in/photostream/
Good point. That's a bigger challenge with OpenID in general... akin to the "forgot your email address or username?" challenge...
I think the issue is that we haven't well specified how RPs should allow people to associate many ids and OpenIDs to their accounts. This is called "account linking" or "identity consolidation". Facebook actually does this fairly well (even though they haven't exposed it on facebook.com):
But you're right — this is something that's left to each provider. We can only really provide guidance.
74 votesAdminChris Messina (Admin, OpenID) responded
There’s nothing in the OpenID protocol that would really allow this, especially from the data side of things. Unlike, say, credit cards, where you can transfer your balance between different providers, data transfer between different OPs requires a bit more leg work.
What kind of data are you talking about?
I don't understand how that would work... that would suggest being able to merge multiple URLs... and the only way that would work would be through redirects or forwards, which of course wouldn't work on identities that you don't host or control.
How do you envision this working?
We're working on this — it won't happen right away, but in the next few months, I think that we'll have several reusable messages for addressing different audiences.
ideas.openid.net is hosted by UserVoice.
As for the cert on OpenID.net, I can ask around and see what the thinking is so far.
@malcolmhathaway: I think convenience, utility and usability will accelerate the use of OpenID. Once that happens, additional security services will probably become more attractive.
Yep, this is possible with OpenID, and folks like Yubikey are already doing this.
A couple responses... You should take a look at the "Identity in the Browser" project:
It leaves a lot to be desired, but it's an effort to get OpenID into the browser.
Second, that the browser "knows about all your accounts" is a large part of why I thought Flock should be a browser and not a bunch of extensions. The browser is in the perfect place to act as the user's agent!
Lastly, about RSS... it took a lot more than just a browser button -- you had to convince publishers to actually support the format! That's the hard part -- similar to getting more sites to support signing in with OpenID. We're working on it — and having folks like you out there able to tell the story of OpenID and explain its benefits is critical to our success.
That's a curious point. Do you have specific ideas for how they could better support OpenID? The large companies are very involved in driving the technology and supporting the Foundation, but, apart from Yahoo, there isn't too much public documentation about their support for OpenID for regular internet users.