On Sat, 2009-04-25 at 17:44 -0500, Arthur Pemberton wrote: > On Sat, Apr 25, 2009 at 5:11 PM, Callum Lerwick <seg@xxxxxxxxxx> wrote: > >> As for using email addresses as OpenIDs, this is something the OpenID > >> community is talking about quite a bit right now; Google included. > > > > Having to type in a domain or an email address is NOT an improvement > > Having a single account over multiple account is an improvement. > > > This should require NO typing. The user should see no URLs, no domains, > > Why not? > > > no emails, they should see nothing but a button to click. > > Why not? This is trying to solve the problem of multiple accounts not > laziness. Eventually I'm sure there will be browser extensions to auto > enter your open id info if you can't bare to Ctrl+C, Ctrl+V. Does ease of use mean anything to you? Think about browser devices that don't have keyboards. You're trying to solve a much smaller problem than me. How is entering your email everywhere an improvement over just using the same password on every site? All you've done is made it so you enter one thing instead of two. That's *it*. (Does OpenID even remove the need to go through an email validation loop on every single site? Since it completely avoids the entire notion of email, I don't think it does...) I want a Single Sign On where I authenticate myself ONCE, per session. I want to then be able to go to any site that supports OpenID, click "log in" and be logged in. Period. No passwords, no nothing. I entered it once, that's enough. I do believe this is what the Gnome Online Desktop people are trying to do. Log in to your desktop, and you're automagically logged in to every web app you use. They do it by just storing all authentications in a keyring, and use your desktop login as a master key. But where do you store your keyring? Every time you enter a club, do you have to wait for the bouncer to confirm your mailing address, do a background check, interview your references, pull your credit report, interview your employer, check your fingerprints, and do a DNA test to make sure you are who you say you are? No, you show them your ID. The bouncer has for the most part delegated the task of identifying you to the government. This is what OpenID should be like. You just show your ID, or rather the browser does it for you when you instruct it to do so by clicking the "log in" button, and you're done. That's it. One click. Done. Different OpenID providers are kind of like different states. Or like IDs from different countries. Passports. Whatever makes sense to you. Different organizations that have agreed to trust each other to vouch for their own citizens.
Attachment:
signature.asc
Description: This is a digitally signed message part
-- fedora-devel-list mailing list fedora-devel-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-devel-list
