On 7/1/11 11:44 AM, "Maria Turk" <[log in to unmask]> wrote:
>Sam H doesn't like the idea of presenting the user with a dialog to
>create the association. He thinks it's a better idea to create the
>association automatically. My issue with this solution is the use case
>where the user has many IDs for a given service and doesn't want to
>associate any ID with a service. Basically always wants to be asked.
I don't know if it's analagous, but the philosophy on IdP discovery on the
web side now is to never automatically follow cookies to bypass the IdP
selection process. Users find the lack of consistency (sometimes they get
asked, sometimes not) more confusing than an extra click.
That's in addition to the arguments about multiple identities.
Another consideration is whether it's always the case that a "failure" in
the use of an identity at a service is going to be reflected in a manner
that will be detected by this componentry so it can break the association.
That may be true here; it's not true in the web case, which is another
reason for not auto-following.