Dare Obasanjo’s look at OpenID
As a bit of a follow-on to my last post, Dare provides his take (and some blockquotes from others) on OpenID here. Because of the picture I used in my post, I find his last sentence incredibly rewarding:
Only time will tell if by the time all is said and done, it won’t seem like we’ve been trying to shove a square peg in a round hole all these years.
As he mentions, OpenID was originally intended for people to put in a URL as their identifier, and honestly, I’m surprised that no one thought that maybe it would be nice to have a way to let people use their email address. If you are claiming to own a URL through OpenID verification, shouldn’t you also be able to claim ownership of an email address? Especially since a lot more people have email addresses than URLs (at least, that they know of).
In a link from Dare to the Google Code Blog, another of my unspoken (or hinted at) questions is answered:
One other question that a lot of people asked yesterday is when a large provider like Google will become a relying party. There is one big problem that stands in the way of doing that, but fortunately it is more of a technology problem than a usability issue. That problem is that rich-client apps (desktop apps and mobile apps) are hard-coded to ask a user for their username and password. As an example, all Google rich-client apps would break if we supported federated login for our consumer users, and in fact they do break for the large number of our enterprise E-mail outsourcing customers who run their own identity provider, and for which Google is a relying party today. This problem with rich-client apps also affects other sites like Plaxo who are already relying parties.
As someone simply reading the above paragraph, this seems like a fairly small problem of altering the backend to accept a URL as a username with a blank password and going to the OpenID verification from there. But as someone who writes code for a living, I know that just making a first decision about how to go forward with trying to fix this issue can be almost paralyzing.
Posted on November 7, 2008, in Google and tagged openid. Bookmark the permalink. Comments Off on Dare Obasanjo’s look at OpenID.