> > Whatever technology we adopt, we need some kind of
> formalised, managed
> > 'federation' - a set of rules for taking part. Agreed?
>
> Hmm, I'm not sure the OpenID true believers agree with you there!
Not sure I totally agree with it myself to be honest... but let's stick
with it as a guiding principle for now at least.
> > Wouldn't an OpenID Federation, in which one of the roles of the
> > federation managing agent would be to maintain a whitelist
> of OpenID
> > providers that are 'within' the federation (and that can
> therefore be
> > trusted by everyone else in the federation) make sense?
>
> It will make sense to those who want a trust framework -- a
> federation, so it may well happen. But at that point you've
> crossed the Rubicon and lost "user-centric", leaving just an
> alternative technical protocol and built-in discovery.
But a significantly different "alternative", at least in terms of
potential mainstream adoption (note: *potential* :-) ) and definitely in
terms of the number of minds focusing on the problems.
Thinking creatively around delegation might also leave you with a
significant chunk of the "user-centric" value in place?
And simplifying "discovery" removes one of the major usability hurdles
in current systems. Granted, it replaces it with a different one (at
least)... the whole, "whaddaya mean my user-id is a uri?" type issue,
but hey, this is the google generation we're talking about, surely they
can cope?
??
> So
> it's not clear that (all of) the OpenID army will follow you to there.
You are probably right... but so what? It would still be a step in the
right direction IMHO.
Andy
--
Head of Development, Eduserv Foundation
http://www.eduserv.org.uk/foundation/
http://efoundations.typepad.com/
[log in to unmask]
+44 (0)1225 474319
|