A few thoughts

[Benjamin Yu]

I only have a couple of items I'd like to inject into the
discussion about openid.

1. Has any looked into the Yale CAS system?
http://tp.its.yale.edu/tiki/tiki-index.php?page=CentralAuthenticationService
Although it's a centralized SSO, openid can learn from
their experiences in SSO.

2. I would like to put in 2 cents in favor of finding a
simplified login id, on the order of user at domain. This just
seems easier for non-techies to understand.

3. Is openid's answer to dns poisoning dns sec? 
One issue right now is that dns sec is, currently, not
widely deployed. OpenId makes great assumption with the
domain names, and it could have wide implications for
logging into systems that have financial data on the line.

Good start so far. I'm excited about this decentralized
login system.