Thanks Joab, Completely understood. I for one think that your simplification probably assisted your readers, but I'm not sure I have the full support of the Information Card foundation in that perspective. ;)
The more the merrier, but it's true — this is a very complicated story to tell beyond the "it's kind of like the sign in with Facebook" experience — and yet so, so not. Thanks for taking the first stab — otherwise a rather complete telling of the story so far. Chris On Mon, Sep 28, 2009 at 9:33 PM, Joab Jackson <[email protected]> wrote: > Genetlemen, > > Hello! This is the author of the story, Joab. Thanks for the CC'ing me--I > will indeed make these clarifications and corrcections to th online version > of the article. > > I deliberately kept the Information Card out of this article if only to > simplify the explanation of OpenID as much as possible. I think with many of > our readers, we are starting at ground zero at explaining this concept. So, > for better or worse, I was simplifying. I do plan on writing a separate blog > entry explaining the Information Card in detail, however... > > joab > > > > Chris Messina wrote: > >> The article is here: >> >> >> http://gcn.com/articles/2009/09/28/openid-authentication-for-federal-web-sites.aspx >> >> Unfortunately, it suffers from a number of inaccuracies or misleading >> statements, which may warrant a simple blog post welcoming this >> review, but highlighting some clarifications: >> >> "OpenID is fundamentally a way you can use your browser to >> authenticate to a Web site by using a third-party identity provider," >> said Drummond Reed, one of the founding board members of the OpenID >> Foundation, which oversees OpenID. >> >> >> >>> Drummond was indeed a founding member of the OIDF, but this quote makes >>>> it sound like he's speaking on behalf of the OIDF board, which I don't >>>> think >>>> was his intention... >>>> >>>> >>> >> >> "For users, the chief appeal of OpenID is that it could provide a >> single name and password combination for a wide variety of sites." >> >> >> >>> This kind of language concerns me — and I've recently heard feedback that >>>> the government will be able to "get your Facebook password" if you use >>>> OpenID on a government site... while the convenience of this statement is >>>> not to be ignored, it should be clarified that one's password is NEVER >>>> shared with an OpenID consumer/relying party (or the government!). >>>> >>>> >>> >> >> "The list of consumer Web sites that accept OpenID as credentials is >> growing, even if they lean toward the geeky side: Slashdot, Facebook, >> Google, Technorati, LiveJournal and Yahoo. " >> >> >> >>> Google, Yahoo and Technorati do not accept OpenID credentials, AFAIK. >>>> They provide them, but do not accept them. >>>> >>>> >>> >> >> "The OpenID Foundation says more than 27,000 sites use the protocol, >> although actual use on the part of the Web populace remains an open >> question: One Internet service, called WetPaint, dropped support for >> OpenID, noting that of its 1 million registered users, only 200 logged >> on with OpenID accounts. Other sites, such as Facebook and Google, >> hide their OpenID log-on pages." >> >> >> >>> As of July, according to Janrain, it looks like we're closer to 50K >>>> relying parties: >>>> >>>> >>> >> http://blog.janrain.com/2009/07/relying-party-stats-as-of-july-1-2009.html >> >> And, while it's true that Wetpaint removed OpenID from their site, I >> can personally attest to how AWFUL their implementation was: >> >> http://www.flickr.com/photos/factoryjoe/2478951850/ >> >> Also, Google doesn't so much as hide their OpenID logon pages as they >> don't support it (unless we're talking about Google Apps for your >> Domain? >> >> >> "A Web site that uses OpenID credentials assumes only that any OpenID >> provider is supplying verification that a person wishing to register >> under a certain account knows the password of that account, the OpenID >> Foundation’s Reed said. " >> >> >> >>> Once again, it would appear that Drummond is speaking on behalf of the >>>> OpenID Foundation. >>>> >>>> >>> >> Otherwise, it's a pretty good article. >> >> Chris >> >> >> >> > > -- Chris Messina Open Web Advocate Personal: http://factoryjoe.com Follow me on Twitter: http://twitter.com/chrismessina Citizen Agency: http://citizenagency.com Diso Project: http://diso-project.org OpenID Foundation: http://openid.net This email is: [ ] shareable [X] ask first [ ] private
_______________________________________________ board mailing list [email protected] http://lists.openid.net/mailman/listinfo/openid-board
