FOSS needs a central bug tracker

Bill Crawford billcrawford1970 at gmail.com
Fri Apr 24 10:36:05 UTC 2009


On Thursday 23 April 2009 20:54:34 Callum Lerwick wrote:
> On Wed, 2009-04-22 at 22:46 +0200, Kevin Kofler wrote:
> > Callum Lerwick wrote:
> > > That doesn't make them wrong about OpenID's UI sucking.
> >
> > A proprietary Google "standard" "based on OpenID" isn't a solution to
> > that though.
>
> Yes it is a solution. A monopolistic Google only solution, but it's a
> solution.
>
> That's why I'm saying we better come up with an un-biased free solution,
> and do it fast. Before Google gains ground.

It is NOT a monopolistic Google-only solution, that's what became clear after 
actually reading a particular comment *FROM ONE OF THE DESIGNERS OF OpenID* on 
that blog post.

About half-way down, quote:


David Recordon
Oct. 30th, 2008 at 12:51 am

Google is taking advantage of a feature in OpenID 2.0 known as "Directed 
Identity". This allows an OpenID 2.0 Relying Party to start the OpenID protocol 
flow using a known URL (Yahoo!'s is http://openid.yahoo.com/) to allow for "one 
click" style login dialogues. By performing discovery on this URL, using the 
XRDS XML format, the OpenID Provider advertises the OpenID Endpoint URL for the 
Relying Party to make a request against. Google is doing this correctly with 
the URL to perform discovery against being 
https://www.google.com/accounts/o8/id.

The piece that Google is currently doing differently is requiring 
pre-registration of each OpenID Relying Party before users can login to a given 
site. This does break the common deployment of OpenID on the web today, but 
Eric Sachs of Google has said on the OpenID mailing list 
(http://tinyurl.com/562mec) that this is temporary as they work to stabilize 
their OpenID Provider: "We just need to do the standard scaling, stability, 
translation quality, etc. evaluation to make sure there are no major problems. 
If we are lucky, that won't take much time. However it is more then likely that 
we will need to tweak things in our user interface to make it easier to 
understand, and unfortunately translating any such tweaks into 40+ languages 
takes awhile."

As for using email addresses as OpenIDs, this is something the OpenID community 
is talking about quite a bit right now; Google included.




More information about the fedora-devel-list mailing list