1 Jul 10:47
Re: [OpenID] OpenID and SSO
From: SitG Admin <sysadmin <at> shadowsinthegarden.com>
Subject: Re: [OpenID] OpenID and SSO
Newsgroups: gmane.comp.web.openid.general
Date: 2008-07-01 08:47:26 GMT
Subject: Re: [OpenID] OpenID and SSO
Newsgroups: gmane.comp.web.openid.general
Date: 2008-07-01 08:47:26 GMT
>Users do not want to login. Really, they don't. > >Therefore you can measure the success of SSO by counting the dissapearing >login "buttons" or "links" on websites who do offer user centric (profiling) >services. A vital question here, then, is whether the user values privacy enough to forgo this level of convenience. Short of opting to automatically grant all RP requests (and never prompt user for re-authentication to the OP - it can still expire, just don't bother the *user* with renewing it), there is no way to "intelligently" practice selective login for the user. >"Click to proceed", yes, There shouldn't even be that, though. Just go to the site and see the page. No matter how much you abstract the process of authenticating, if they have to take steps to have the service recognize them then it's a login. -Shade
RSS Feed