Log in

No account? Create an account
Lindsey Kuper [entries|archive|friends|userinfo]
Lindsey Kuper

[ website | composition.al ]
[ userinfo | livejournal userinfo ]
[ archive | journal archive ]

Does OpenID depend on people's vanity? [Nov. 17th, 2006|11:44 pm]
Lindsey Kuper
[Tags|, ]

OpenID is one of those things that I've always been so sure is a good idea that I rarely bother to question it. The question came up a couple of days ago, when Chris underwhelm told a college friend of ours that he'd need to get a LiveJournal account in order to read friends-only entries. Ooh, ooh! OpenID evangelism opportunity! I jumped in to tell our friend that he should really just get an OpenID account somewhere, but I was too late; he already had a journal.

Now, it turned out that he actually wanted to write a journal, too, which, sure, by all means, sign up with LJ. But it surprised me that a technologist like Chris wouldn't be advocating OpenID. I pointed that out, and he responded that not only is it harder to friend an OpenID user on LJ, but, well, if they still need to register somewhere (assuming they don't already have an OpenID provider), why wouldn't they register the same place their friends are registered?

I can't really argue with the "hard to friend" thing. LJ admits that the consumer support is still rough around the edges. As it is, you have to wait until an OpenID user leaves a comment before you can friend them -- which doesn't really work too well for friends-only journals! Not only that, but when you bring someone new to the site, it's a nice thing to do to make it easier for them to find you by initially friending them, instead of waiting for them to figure out how to friend you. You can't do that if they're using OpenID. Is the assumption that a person savvy enough to be using OpenID won't need any help finding your journal? What if you still just...want to be nice to them?

Regarding the "why wouldn't they register the same place their friends are registered?" thing, I think this might cut to the root of why OpenID isn't more popular, and it's complicated by the fact that LJ itself also happens to be an OpenID provider. (By far the biggest one, actually, I'm thinkin'.) If someone gets an LJ account, then they'll automatically have OpenID. So, if what they want to do is read friends-only entries, they don't have an OpenID provider, and they have a choice1 between getting LJ-and-OpenID in one blow or just OpenID, why would they ever choose the latter?

I didn't know what to say. Because, you know, just because! Because they don't want a(nother) blog, and having a blog they won't use is an awful, terrible thing, because...uh. Because it unnecessarily muddles their online persona? Am I the only person vain enough to care about that? Does OpenID depend on people's vanity?

  1. And another thing: lots of folks might not be aware that they have that choice -- and I don't blame them. There's so much noise about how anyone can become an OpenID provider that it's hard to find an actual, trusted, stable OpenID provider that isn't LiveJournal. I had to dig through Kevin keturn's journal to find the name of the one he works on to pass it along to my friend. I'm probably playing with fire by saying this in the presence of actual OpenID developers, but man, to me it really seems as if nobody wants to get bogged down in discussing actual implementations of the thing, so instead they just talk about how cool it is in the abstract. Which, make no mistake, it's cool. But if you want people to actually use it, you've gotta give them something they can use.

[User Picture]From: jes5199
2006-11-18 08:09 am (UTC)
i feel like the pure-openid names are like vanity email addresses. I used to have jes5199@marijuana.com and jes5199@emailme.something or other.co.uk and jessewolfe@hotmail and @juno and @crosswinds and @netzero and @freepop
but eventually, you don't wanna check them all, so you funnel them into your primary account. and then your outgoing mail is mostly going to be labeled with your primary account, and people will tend to prefer to use that

i hope openid is that clean! I'm going to be annoyed if i friend lindseyk@openIDmonkey.foo and find that you can't actually see my content unless you log into your non-primary account

I think that blogs are inherently good identity providers. A blog is essentially the year 2000 version of a personal homepage, right? There's never going to be a day when I say, you know, the best place to find out about what i'm doing in my life is wikipedia.
Especially with livejournal! when you're logged out of LJ, the world is a darker place

Rambly. I don't know if i made a point here
(Reply) (Thread)
[User Picture]From: lindseykuper
2006-11-18 08:28 am (UTC)
Interesting, 'cause here's a guy who thinks that OpenID should've used email addresses instead of URLs.

What's the definition of a vanity email address? I think that, in a way, the only ones that aren't vain are the ones that get assigned to you by an organization like a job or a school.
(Reply) (Parent) (Thread)
[User Picture]From: jes5199
2006-11-18 08:39 am (UTC)
he's sorta right. it might have even be possible to remap email addresses into openid urls. jes5199@livejournal.com to jes5199.livejournal.com is pretty obvious
but email is a big complicated, working mass of stuff. an email address MEANS something.
a URL can be anything. we're used to http:// which is a working mass of stuff, but you could just as easily have monkeybutter: where you typed out a description of what color socks you were wearing and there was no code
it's that universal.
what i'm getting at is that it's easier to add a bunch of functionality to nothing than it is to add add it to a bunch of stuff. and URLs are nothing but email is real.

my gmail account is not a vanity address. my gmail account is my self.

my job emails are about the most disposable ones of all.
(Reply) (Parent) (Thread)
[User Picture]From: cerulicante
2006-11-18 04:02 pm (UTC)
I always thought a vanity email address was like a vanity domain which are like vanity license plates.

Why, I'm not at Yahoooooooo...I am at my OWN, PERSONAL DOMAIN. Here is my email address.

It's like telling someone to drop stuff off at your new house.
(Reply) (Parent) (Thread)
From: keturn
2006-11-19 01:52 am (UTC)
email address vs URL is a question that's been raised repeatedly in OpenID's history, from very early in its devolpment to more recently by folks from AOL. The most compelling argument (I think) against email addresses, is that you *don't* want to give your email address to everyone, 'cuz spam. And if you had something that *looks* like an email address but *isn't*, that's just asking for trouble.
(Reply) (Parent) (Thread)
From: keturn
2006-11-19 02:47 am (UTC)

primary and secondary identifers

You did make a point, I think. :)

"i hope openid is that clean! I'm going to be annoyed if i friend lindseyk@openIDmonkey.foo and find that you can't actually see my content unless you log into your non-primary account."

Kinda depends on how she does it. If she makes openidmonkey.foo issue a 302 (or similar) to her primary account *and* your authorization engine does discovery on that address and normalizes it, then it works. But it also makes it so openidmonkey.foo doesn't actually _show up_ anywhere she logs in, which is not so much an attractive feature for a "vanity" domain.

We do recommend, as a best practice, users being able to specify multiple OpenIDs they may use to identify themselves. But if the access control list is being written by you, the resource host, as opposed to the user, you probably don't want to specify all those aliases for all your users, so it's a bit of a problem still.
(Reply) (Parent) (Thread)
[User Picture]From: keturn
2006-11-19 02:13 am (UTC)

your OpenID provider

There aren't that many OpenID providers on the market yet, and the technology is new enough that there just isn't all that much data about who is really trusted and stable. My personal recommendation would be to choose between MyOpenID and ClaimID, but as you've mentioned, I work for one of those guys, so I might just be biased. ;) And while it's encouraging for me to see you putting some thought into selecting an OpenID provider (as per my plea in a previous post), what we're reluctantly realizing is that the majority of new OpenIDs in the short term is going to happen almost by accident on the part of the users, not through well-researched shopping.

It's sort of an unfortunate side-effect of the problem space. That is, OpenID is successful because it gives people a way to spend less time thinking about the sign-up and sign-in process; they just want to get to the application. And it's great that once we start to see deployment, we can do that, but I fear it means that people aren't going to want to spend a lot of time thinking about their OpenID in the short term.
(Reply) (Thread)