Comments on: OpenID Thoughts

By: In Context » Life before you have a selector

In Context » Life before you have a selector — Thu, 09 Jul 2009 00:54:55 +0000

[...] an OpenID NASCAR (NASCAR) like this (courtesy of JanRain’s very cool [...]

By: itickr.com » OpenID Nascarization

itickr.com » OpenID Nascarization — Tue, 07 Apr 2009 16:37:23 +0000

[...] raised the issue of Nascarization more than an year ago . There should be one OpenID button. Not two. Not three. Else it’s not scalable for the [...]

By: Who is Hahleq : No true identity, Open or otherwise, in sight

Who is Hahleq : No true identity, Open or otherwise, in sight — Mon, 19 May 2008 20:24:51 +0000

[...] Wow! about 5 minutes after initially posting this, I ran across this blog entry by Ashish Jain. Great stuff and cuts to the heart of my point. Also very troubling as Ashish is [...]

By: peter

peter — Sun, 13 Apr 2008 22:54:40 +0000

could not leave openid authenticated comment. On SignOn.com, could not get UI to recognize my cardspace card (on vista buseinss SP1).

By: Steven Osborn » Blog Archive » One Button to Rule them all.

Steven Osborn » Blog Archive » One Button to Rule them all. — Mon, 31 Mar 2008 23:42:24 +0000

[...] have been quite a bit of talk about the current state of OpenID login screens that are becoming cluttered with [...]

By: Ashish Jain

Ashish Jain — Sun, 30 Mar 2008 22:15:03 +0000

Ryan,
The issues that you have raised in your referenced blog post are more around CardSpace. I agree with your perspective (listed my own at http://itickr.com/?p=82).
However, I believe that the issues with CardSpace are mainly implementation specific. However, the issues around OpenID are more foundational.
Thanks,
- Ashish

By: Ryan Janssen

Ryan Janssen — Sun, 30 Mar 2008 20:40:14 +0000

Ashish, I just finished a 3 part blog post at http://drstarcat.com that ended with a discussion of the UI (http://drstarcat.com/archives/30). Very good questions you raise.

By: Ashish Jain

Ashish Jain — Sat, 22 Mar 2008 02:33:38 +0000

Hahleq,
Security and Convenience don’t go very well together. I would imagine that soon OpenID will come to a resting state where it finds the most adoption and then focus on that need.
- Ashish

By: Ashish Jain

Ashish Jain — Sat, 22 Mar 2008 02:30:02 +0000

Peter,
I get what you are doing and it’s definitely innovative. I just find it a bit hard to scale from an adoption perspective. Having a client side solution with a service in the cloud for syncing is probably another route to look at.
- Ashish

By: Who Is Hahleq?

Who Is Hahleq? — Tue, 18 Mar 2008 02:52:20 +0000

Great post and nice feedback from Peter. I think I get what ClickPass is doing, but even as an advocate for where OpenID is heading, as a security geek, my conerns remain high. I have enough problems with OpenID security without it also becoming a “single click”. I know ease-of-use is a cornerstone of what we are all aiming for, but given the current state of OpenID insecurity, do we really want this level of complete transparency? I for one, know I do not.

As implemented toay I use OpenID to play around with different feature sets from the various OPs and then only at sites that if compromised, really wouldn’t impact me. Believe me, I want to use OpenID everywhere and for everything, but until implemented in a manner with real security, as a user, I’m staying on the sideline.

Certainly, the “Nascar-ization” issue and some folks turning their credentials into OpenIDs, but not then accepting other OpenIDs are also a real kick in the shins of progress. I know that OpenID isn’t intended to be THE complete identity answer, but as I mentioned on my blog today before seeing this, we need something truly useful sooner than later. By truly useful, I mean something that hits on more of Kim Cameron’s 7 Laws than we’ve gotten today.

On the sideline cheering, but contemplating where to get back in the game,
- Hahleq