Virtuous Code - Latest Comments in Why Your Social Website Should Support OpenID

Re: Why Your Social Website Should Support OpenID

David Recordon — Sun, 13 Apr 2008 21:01:54 -0000

Whether OpenID in the form that you see it today becomes the same thing that people see a few years from now in terms of online identity or not, is a bit beyond the point. As Avdi said, there is true value to him as a user of not having to create yet another account or being able to now have a sense of reputation that you can carry with you. If it doesn't happen to be OpenID, but just the notion of identity that people own, control, and can take with them on a global scale develops because of OpenID then isn't that success too?

While I certainly respect Stefan Brands, I don't agree with many of the points he made as I later blogged. http://daveman692.livejournal.com/310578.html

Re: Why Your Social Website Should Support OpenID

Earle Martin — Sun, 13 Apr 2008 15:30:16 -0000

Replying to the post Giles links to (since he doesn't have commenting enabled):

"The idea that I would want the same login at LiveJournal, where I post my personal soap operas semi-privately to very old friends with too much time on their hands, and Digg, where I post my own blog entries to promote them to the worldwide professional developer community, is flawed at best."

This is why a good OpenID provider (such as MyOpenID, who I use) will allow you to create personas. You can share as much or as little as you like between your various online accounts. Please don't rag on something until you're aware of all its aspects.

Re: Why Your Social Website Should Support OpenID

avdi — Sat, 12 Apr 2008 22:55:12 -0000

Ryan, thanks for that link. I am open to the idea that there are security problems with OpenID, and I have to say some of the cases put forward in that article are compelling (although the intro is a little off-putting - "our innovative technology for user-centric identity management" - conflict of interest much?). What I was responding to was the assertion that there was no apparent utility in OpenID, something I find provably false.

I'm not concerned so much about the issue of centralization - I am my own OpenID provider. (And yes, I realize that I am in the minority in that). The fact that I *can* be my own provider, though, makes OpenID less centralized than previous attempts at single sign-on.

I could probably be convinced that OpenID is not the best solution, although it would take concrete examples of better solutions. What I am not interested in is people telling me that it serves no purpose. It serves me well, and if it is flawed I want to hear about improvements, not hand-waving about how nobody needs it anyway.

Re: Why Your Social Website Should Support OpenID

Ryan Grove — Sat, 12 Apr 2008 20:53:27 -0000

OpenID may be convenient, but it's also a security nightmare:

http://idcorner.org/2007/08/22/the-problems-wit...

Re: Why Your Social Website Should Support OpenID

avdi — Sat, 12 Apr 2008 20:33:53 -0000

Giles, I'm a user. I'm speaking as a user, and nothing else. OpenID is of genuine value to me as a user. It is convenient and makes my life easier. Perhaps every other user in the world maps to your model and finds no use at all in it. But for me it has real utility. Chris was looking for how it was useful, and so (I thought) were you, and now I've explained it.

Re: Why Your Social Website Should Support OpenID

giles bowkett — Sat, 12 Apr 2008 20:10:18 -0000

OK. So now I have to respond. I had to make a whole gigantic presentation to answer your last spate of flame-war provocation. So let's see.

OK, so the blog post, "Do Users Really Even Exist?"

http://gilesbowkett.blogspot.com/2008/03/do-use...

The answer is no. Users are a convenient fiction. What actually exists are logins. OpenID assumes users map directly to logins. Because of this it is only useful to Web developers. In real life people share logins with each other or have more than one login. That's my point in the blog post. You dissed it on Twitter saying it was an interesting theory, but that was silly. It's not an interesting theory. It's an observation of the disconnect between how Web developers like to imagine people act and how you can actually see people acting in the real world.

OpenID is Web-developer-centric and based on an assumption that is wrong. It would be cool, IN THEORY, like Communism, but in reality, it's just ridiculous BS. Theories based on ideas which are repeatedly shown to be factually incorrect are theories which will not get you anywhere no matter how pretty they turn out to be.

Also, Microsoft tried to do an OpenID style thing years ago, and failed. Here's the pattern with OpenID and Passport: developers decide it should exist, they build it, and nothing happens. Whenever you have a pattern like that, it means that the real world displays characteristics that people are repeatedly failing to recognize. This is similar to micropayments. Several attempts at micropayments failed in a row before developers decided to give in gracefully and stop providing a technology that the world clearly didn't want. After a while Clay Shirky figured out why:

http://shirky.com/writings/fame_vs_fortune.html

One day Clay Shirky will figure out why OpenID never happened either. And it'll be really freaking interesting to read. But until then OpenID really isn't worth taking very seriously, and when it becomes taking very seriously, it'll only be as a way of leveraging Clay Shirky's remarkable brain. OpenID in and of itself is really not worth taking very seriously.

QED.