Trust/threat model for OpenID

Dan Lyke danlyke at flutterby.com
Tue Aug 1 20:40:37 UTC 2006


On Mon, 31 Jul 2006 13:19:10 -0700, Ben Hyde wrote:
> But really, isn't that the wrong design?

As a potential user I'm much more interested in building a consistent  
identity between sites than in building a bunch of little Balkanized  
identities. That's one of the reasons that YADIS/LID/OpenID excite me  
so much, they're the opportunity for me to have a finite number of  
online identities.

I want to be able to assert that the identity I use to comment on  
someone's LiveJournal is indeed the same identity I use for my email  
account is the same identity which publishes my weblog and so forth.

The other problem is already solved: Keep typing your separate  
identity information into all of the disparate sites. So frankly I  
don't care about solving it. I mean, sure, there are places where I  
want to create a new identity to deal with a specific vendor, but as  
I've said before, I'll freely open up my medical records to the  
various credit card companies if they'll stop sending me those stupid  
offers until after I've had a lobotomy or exhibit signs of dementia.  
If Amazon wants to collaborate with the porn web sites to better  
tailor their services to me, more power to 'em.

What excites me as a consumer is what happens when my identit(y|ies)  
become more easily tied together. Otherwise we may as well just go  
with what we have now.

Dan


More information about the yadis mailing list