Comments on: OpenID + OAuth: Two Great Tastes That Taste Great Together

By: Ian Richard Hendry

Thu, 25 Jun 2009 08:46:23 +0000

Here’s an example of OpenID being easy to use:

http://www.weca....biz/access.php

If you have an existing ID, there is no reason why using it should be simple. To a degree it comes down to your issuer. I find ClickPass (http://www.clickpass.com) offers an easy way of getting a using a OpenID identity. Too many of them are trying to be too clever.

Ian Hendry
CEO, WeCanDo.BIZ
http://www.wecando.biz

By: El futuro de la autentificación e identificación en Internet pasa por AOuth y OpenID « Mantero.net

Fri, 13 Feb 2009 08:02:51 +0000

[...] Más información sobre estas noticias en VentureBeat y ReadWriteWeb (I, II y III), seguimiento en vivo de las charlas por John McCrea y explicación de OAuth + OpenID por TechCrunch. [...]

By: Google og Plaxo kombinerer Oauth og OpenID « Kollaborativ

Google og Plaxo kombinerer Oauth og OpenID « Kollaborativ — Tue, 03 Feb 2009 19:53:44 +0000

[...] Google og Plaxo kombinerer Oauth og OpenID Lagt i Uncategorized by poder på februar 3rd, 2009 link: OpenID + OAuth: Two Great Tastes That Taste Great Together [...]

By: On Message with Ben Gross » Blog Archive » New and noteworthy in OpenID and OAuth 2/2/09

Tue, 03 Feb 2009 05:53:40 +0000

[...] OpenID + OAuth: Two Great Tastes That Taste Great Together: TechCrunch writes about the new test between Google and Plaxo of an OpenID OAuth Extension. This extension allows the approval for an OAuth request token to be embedded in an OpenID authentication request. [...]

By: Monday Morning Head-Start [Software Business Links] « OMS SafeHarbor

Monday Morning Head-Start [Software Business Links] « OMS SafeHarbor — Mon, 02 Feb 2009 13:37:34 +0000

[...] 1. OpenID identity management information. [...]

By: Claudio Gonzalo Quinteros Moya

Sun, 01 Feb 2009 05:25:59 +0000

hi motherfockers

By: Ian Hendry

Ian Hendry — Sat, 31 Jan 2009 01:42:27 +0000

I agree that “native” OpenID implementations are way too techie for most people to want to use. This sounds exciting though. Is there a version for other sites to easily implement?

We have Google Friend Connect on our site, but it doesn’t integrate with existing contact lists users have in our network, like Facebook Connect does (which we will be adding soon). What is described above seems a much closer match for and genuine rival for Facebook Connect, although it still lacks the cache of a 150 million member network behind it.

Ian Hendry
CEO, WeCanDo.BIZ
http://www.wecando.biz

By: Marc’s Voice » Blog Archive » even more end of January ‘09 blogging

Sat, 31 Jan 2009 00:51:05 +0000

[...] You can’t make an announcement of “a new protocol” when you: [...]

By: Carlos

Carlos — Fri, 30 Jan 2009 21:16:10 +0000

What Google should do in 1st place is make OAuth work with its own other product: Friend Connect.
It’s amazing that until now you just can’t make them work together.

By: Pinball

Pinball — Fri, 30 Jan 2009 18:42:58 +0000

You mean salmonella and chocolate?

By: Michael Graves

Michael Graves — Fri, 30 Jan 2009 16:44:29 +0000

This story is a good example of complexity transfer — moving complicated parts of the process from the “user experience” below the waterline into the infrastructure layer. OpenID is a good, lightweight, open protocol of authenticating names (URLs), but by itself, it’s often not enough to solve user-level problems at the website. Coordinating data portability via OAuth makes things a lot more complex for the coders behind the scenes, but provides a level of simplicity and automation that should be a big step forward for the end user.

Everyone wants access to all of their data (and everyone else’s often enough) all the time, from anywhere. That’s fine, but it’s a big challenge for service providers. OpenID has provided a key piece of the puzzle, and OAuth another, and it’s definitely time they got more tightly integrated. This is very positive development for the open stack, and for users who will benefit from it.

By: John McCrea

John McCrea — Fri, 30 Jan 2009 16:42:32 +0000

Good thoughts. Indeed the source site (Google) customized the consent page for the Plaxo case, specifying the data that we are requesting access to (the user’s Gmail contacts).

By: JVP

JVP — Fri, 30 Jan 2009 16:42:08 +0000

All I can do is think about this family guy clip:

http://www.clip...o.php/photo/283

haha!

By: Claudio Gonzalo Quinteros Moya

Fri, 30 Jan 2009 15:58:59 +0000

By: Fab C. Johnson

Fri, 30 Jan 2009 15:58:24 +0000

Sending the user back to the source site for authorization seems to be a much better user experience, makes it clearer to the user that the data is borrowed for the one-time action/session vs. slurped in forever by a potentially untrusted site.

Would be even better if the source site is able to author/control the messaging around the one-time data transfer to assuage these privacy concerns.

By: Claudio Gonzalo Quinteros Moya

Fri, 30 Jan 2009 15:57:48 +0000

Hi everyone!!!!

By: » Google e Plaxo insieme per garantire l’identità degli utenti.

» Google e Plaxo insieme per garantire l’identità degli utenti. — Fri, 30 Jan 2009 15:42:42 +0000

[...] Via | http://www.techcrunch.com [...]

By: Meine Links vom 29.01.2009 bis zum 30.01.2009 | Isarblick

Meine Links vom 29.01.2009 bis zum 30.01.2009 | Isarblick — Fri, 30 Jan 2009 12:21:10 +0000

[...] OpenID + OAuth: Passt das zusammen und was macht Facebook dann? [...]

By: OpenID + OAuth « Wir sprechen Online.

OpenID + OAuth « Wir sprechen Online. — Fri, 30 Jan 2009 09:32:37 +0000

[...] Plaxo, Protocols, Web Google and Plaxo released a hybrid protocol combining OpenID and OAuth; http://tr.im/dnoz [...]

By: Google Combines OpenID and OAuth in new Hybrid Protocol

Google Combines OpenID and OAuth in new Hybrid Protocol — Fri, 30 Jan 2009 08:21:59 +0000

[...] Plaxo, VentureBeat, and TechCrunch all have additional coverage on the news. Related ProgrammableWeb Resources Plaxo [...]

By: Nate

Nate — Fri, 30 Jan 2009 06:51:28 +0000

I guess I didn’t address the fact that I appreciate OpenID mostly because it attempts to be truly “open”. I have no doubt that someone will eventually bridge or extend a connection between the two technologies. I also recognize that OpenID is certainly not appropriate for use in every situation, but nor is FB Connect.

In my opinion, I’d much rather have the ability to express my digital identity via an open standard than ANY wholly proprietary system. Where a concern like FB might not be motivated to adopt an open approach all the time, it’s satisfying to know that there is an alternative.

Let’s just assume that the market will eventually decide.

By: John McCrea

John McCrea — Fri, 30 Jan 2009 05:46:14 +0000

Hmmm. I work every day with Joseph, but I’m not sure I followed this “neutron star” posting.

By: Mike D

Mike D — Fri, 30 Jan 2009 04:22:23 +0000

Nate, no one is denying the problem it attempts to solves. But it does not help if it actually does not solve the issue.

Keeping in mind that, Facebook’s 35-54 year old demographic segment not only continued to grow the fastest, but it excelerated to a 276.% growth rate over the past 6 months, there will be more people who will end up using FB Connect, unless Open ID can come up with something simpler.

It does not make a difference how easy or difficult it is to integrate, especially when most publishers or site owners who integrate OpenID on their sites are developers anyway. What makes perfect sense is to make it really simple for regular folks to actually use it.

This is an important issue but it needs to be well thought off.

By: Mike D

Mike D — Fri, 30 Jan 2009 04:11:01 +0000

No… I am not a Facebook Employee although I must say that they did do a great job in simplifying the whole Facebook Connect infrastructure.

I do agree that a single company should not control the single sign on and it should be an open protocol.

By: Mike D

Mike D — Fri, 30 Jan 2009 04:06:40 +0000

Just try it…you will know.