On Thursday 23 April 2009 20:54:34 Callum Lerwick wrote: > On Wed, 2009-04-22 at 22:46 +0200, Kevin Kofler wrote: > > Callum Lerwick wrote: > > > That doesn't make them wrong about OpenID's UI sucking. > > > > A proprietary Google "standard" "based on OpenID" isn't a solution to > > that though. > > Yes it is a solution. A monopolistic Google only solution, but it's a > solution. > > That's why I'm saying we better come up with an un-biased free solution, > and do it fast. Before Google gains ground. It is NOT a monopolistic Google-only solution, that's what became clear after actually reading a particular comment *FROM ONE OF THE DESIGNERS OF OpenID* on that blog post. About half-way down, quote: David Recordon Oct. 30th, 2008 at 12:51 am Google is taking advantage of a feature in OpenID 2.0 known as "Directed Identity". This allows an OpenID 2.0 Relying Party to start the OpenID protocol flow using a known URL (Yahoo!'s is http://openid.yahoo.com/) to allow for "one click" style login dialogues. By performing discovery on this URL, using the XRDS XML format, the OpenID Provider advertises the OpenID Endpoint URL for the Relying Party to make a request against. Google is doing this correctly with the URL to perform discovery against being https://www.google.com/accounts/o8/id. The piece that Google is currently doing differently is requiring pre-registration of each OpenID Relying Party before users can login to a given site. This does break the common deployment of OpenID on the web today, but Eric Sachs of Google has said on the OpenID mailing list (http://tinyurl.com/562mec) that this is temporary as they work to stabilize their OpenID Provider: "We just need to do the standard scaling, stability, translation quality, etc. evaluation to make sure there are no major problems. If we are lucky, that won't take much time. However it is more then likely that we will need to tweak things in our user interface to make it easier to understand, and unfortunately translating any such tweaks into 40+ languages takes awhile." As for using email addresses as OpenIDs, this is something the OpenID community is talking about quite a bit right now; Google included. -- fedora-devel-list mailing list fedora-devel-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-devel-list
