Comments on: Kyle Skips OpenID http://ma.tt/2008/05/kyle-skips-openid/ Unlucky in Cards Sat, 26 May 2012 13:00:00 +0000 hourly 1 http://wordpress.org/?v=3.4-beta4-20941 By: John Jones http://ma.tt/2008/05/kyle-skips-openid/#comment-443266 John Jones Sat, 10 May 2008 01:41:23 +0000 http://ma.tt/?p=5239#comment-443266 first of all I have a lot of respect for Kyle Neath but I think there are a few things to be addressed number 1 > OpenID service providers go bust/offline and logins cant have multiple ID's... partly true but since I have multiple ID's depending on which one I present will be from one or another e.g. my work ID is going to be very differant than my blogging one look at infocards and how people use that... login providers e.g. ma.gnolia provide it when it makes sense to do so... its up to them and us as customers... number 2 > mobile web does not like url's so OpenID not good. Simple NOT true have you actually used the mobile web its all painful and systems for ID will provide autofill and infocard like service number 3 > pishing and url scammers provide all the security you can in helper applications and URL ID such as images and feedback... its a problem but really people have enough problem with simply using the same password everywhere anyway so lets not go down the philosophical vs practice of security route... people make mistakes help them to recover and prevent as much as possible is the rule to use... number 4 > people dont understand multiple ID's complete nonsense very young children understand that presenting a different appearance to different people is a technique to achieve things most people see this well in the Work vs Play id's that people have. number 5 > its less user friendly because multiple steps maybe but I dont think so by providing consistency people become more trusting and understanding of the process and look for this method exactly because it is familiar look at many workflows and mostly we do it because it is familular e.g. keyboard layout (-; number 6 > multiple logins and multiple ID's are good I AGREE but we can have different levels within those logins and I would like to simplify DATA INPUT e.g. in one ID I can share my full home address or just the city to a different service provider chouseing the level at which I share personal data gives me finer control of what I send and means i DO NOT have to type it in each time and make mistakes and give up and go home when I presented with yet another form to fill in ! as a workflow its much better to chouse the ID and then the amount of data I want to share rather than making mistakes and not using the service... scary but my opinions I think should give people the option of OpenID simply because it can be useful regards John Jones http://john.jones.name first of all I have a lot of respect for Kyle Neath but I think there are a few things to be addressed

number 1 > OpenID service providers go bust/offline and logins cant have multiple ID’s…

partly true but since I have multiple ID’s depending on which one I present will be from one or another e.g. my work ID is going to be very differant than my blogging one look at infocards and how people use that…
login providers e.g. ma.gnolia provide it when it makes sense to do so… its up to them and us as customers…

number 2 > mobile web does not like url’s so OpenID not good.

Simple NOT true have you actually used the mobile web its all painful and systems for ID will provide autofill and infocard like service

number 3 > pishing and url scammers

provide all the security you can in helper applications and URL ID such as images and feedback… its a problem but really people have enough problem with simply using the same password everywhere anyway so lets not go down the philosophical vs practice of security route… people make mistakes help them to recover and prevent as much as possible is the rule to use…

number 4 > people dont understand multiple ID’s

complete nonsense very young children understand that presenting a different appearance to different people is a technique to achieve things most people see this well in the Work vs Play id’s that people have.

number 5 > its less user friendly because multiple steps

maybe but I dont think so by providing consistency people become more trusting and understanding of the process and look for this method exactly because it is familiar look at many workflows and mostly we do it because it is familular e.g. keyboard layout (-;

number 6 > multiple logins and multiple ID’s are good

I AGREE but we can have different levels within those logins and I would like to simplify DATA INPUT e.g. in one ID I can share my full home address or just the city to a different service provider chouseing the level at which I share personal data gives me finer control of what I send and means i DO NOT have to type it in each time and make mistakes and give up and go home when I presented with yet another form to fill in ! as a workflow its much better to chouse the ID and then the amount of data I want to share rather than making mistakes and not using the service…

scary but my opinions

I think should give people the option of OpenID simply because it can be useful

regards

John Jones

http://john.jones.name

]]> By: Justin Tadlock http://ma.tt/2008/05/kyle-skips-openid/#comment-443261 Justin Tadlock Fri, 09 May 2008 22:56:59 +0000 http://ma.tt/?p=5239#comment-443261 Matt, I know. I was just trying to pressure you into giving some more opinion. I think OpenID is great, but no one has yet to convince me that it is the right move for WordPress. Matt, I know. I was just trying to pressure you into giving some more opinion. I think OpenID is great, but no one has yet to convince me that it is the right move for WordPress.

]]> By: Chris Messina http://ma.tt/2008/05/kyle-skips-openid/#comment-443231 Chris Messina Fri, 09 May 2008 06:51:18 +0000 http://ma.tt/?p=5239#comment-443231 I'm certainly receptive to criticism and agree with Matt's perspective that alternative perspectives, especially to the contrary, if countered, can make an effort/initiative better. Seeing a train of positive comments without detraction makes you really wonder if people are paying attention, so I'm eager to consider his feedback and respond. I’m certainly receptive to criticism and agree with Matt’s perspective that alternative perspectives, especially to the contrary, if countered, can make an effort/initiative better.

Seeing a train of positive comments without detraction makes you really wonder if people are paying attention, so I’m eager to consider his feedback and respond.

]]> By: Christiaan http://ma.tt/2008/05/kyle-skips-openid/#comment-443217 Christiaan Thu, 08 May 2008 21:43:02 +0000 http://ma.tt/?p=5239#comment-443217 I'd like to see OpenID implemented on a large scale (I'm sick of having to register every time I want to use some website), but, out of interest, are there any alternatives that purport to solve some of the same issues OpenID purports to solve? I’d like to see OpenID implemented on a large scale (I’m sick of having to register every time I want to use some website), but, out of interest, are there any alternatives that purport to solve some of the same issues OpenID purports to solve?

]]> By: Matt http://ma.tt/2008/05/kyle-skips-openid/#comment-443212 Matt Thu, 08 May 2008 20:28:50 +0000 http://ma.tt/?p=5239#comment-443212 Not making a stance on anything, just following the conversation. 99% of what I read about OpenID is positive, so it was interesting to see someone taking the other side. I think critical arguments clarify your thinking a lot more. Not making a stance on anything, just following the conversation. 99% of what I read about OpenID is positive, so it was interesting to see someone taking the other side. I think critical arguments clarify your thinking a lot more.

]]> By: Mark Jaquith http://ma.tt/2008/05/kyle-skips-openid/#comment-443211 Mark Jaquith Thu, 08 May 2008 19:15:31 +0000 http://ma.tt/?p=5239#comment-443211 #1 is definitely a problem. #4 is silly -- having multiple personas is a benefit if you want to use them. If not, you just ignore the ones you don't use. #3 should be solved in browsers (there just aren't any foolproof server-side solutions). #5 can be solved (and indeed already is, in some implementations) by hiding the concept of the OpenID URL by asking for a provider/username combo. What we need is a way to resolve a provider/username combo to an OpenID URL without knowing about the provider ahead of time -- some sort of discovery mechanism. Maybe that already exists in v 2.0 -- I haven't looked at it very closely. I'm still very much on the fence WRT to OpenID's benefit to WordPress, however. Most sites don't have registered comments. We'd be able to know that a comment comes from who it proports to come from, but that doesn't seem to be a huge problem (and even if it is, it'd only be solved on sites with OpenID-enabled comments). I want it to be right for WordPress, but I'm just not convinced. #1 is definitely a problem. #4 is silly — having multiple personas is a benefit if you want to use them. If not, you just ignore the ones you don’t use. #3 should be solved in browsers (there just aren’t any foolproof server-side solutions). #5 can be solved (and indeed already is, in some implementations) by hiding the concept of the OpenID URL by asking for a provider/username combo. What we need is a way to resolve a provider/username combo to an OpenID URL without knowing about the provider ahead of time — some sort of discovery mechanism. Maybe that already exists in v 2.0 — I haven’t looked at it very closely.

I’m still very much on the fence WRT to OpenID’s benefit to WordPress, however. Most sites don’t have registered comments. We’d be able to know that a comment comes from who it proports to come from, but that doesn’t seem to be a huge problem (and even if it is, it’d only be solved on sites with OpenID-enabled comments). I want it to be right for WordPress, but I’m just not convinced.

]]> By: Il Filosofo » OpenID Servers: Allow Redundant Means of Access http://ma.tt/2008/05/kyle-skips-openid/#comment-443191 Il Filosofo » OpenID Servers: Allow Redundant Means of Access Thu, 08 May 2008 14:44:19 +0000 http://ma.tt/?p=5239#comment-443191 [...] 2008 at 10:43 am That’s the lesson I take from Kyle Neath’s critique of OpenID (HT: Ma.tt), from his first point, the one that I think has the most traction. OpenID servers should allow [...] [...] 2008 at 10:43 am That’s the lesson I take from Kyle Neath’s critique of OpenID (HT: Ma.tt), from his first point, the one that I think has the most traction. OpenID servers should allow [...]

]]> By: Justin Tadlock http://ma.tt/2008/05/kyle-skips-openid/#comment-443189 Justin Tadlock Thu, 08 May 2008 14:21:59 +0000 http://ma.tt/?p=5239#comment-443189 I hope that by linking to this article, you're making a stance to keep OpenID out of the WordPress core. I'd also like to read your thoughts on this. I hope that by linking to this article, you’re making a stance to keep OpenID out of the WordPress core. I’d also like to read your thoughts on this.

]]> By: Mark http://ma.tt/2008/05/kyle-skips-openid/#comment-443181 Mark Thu, 08 May 2008 11:55:38 +0000 http://ma.tt/?p=5239#comment-443181 What's your take on his points ma.tt, given that your onboard somewhat with your wordpress.com work? What’s your take on his points ma.tt, given that your onboard somewhat with your wordpress.com work?

]]>