Enough joking around…

Paul Madsen thinks I stole qhqRvjRmuMlsucQs02zzBg7BjqU-#0a86b from him. Truthfully I wanted WhqTvjRmuMlsxcQs02zzBg7BjqU-#0a86b, but it was taken, so qhqRvjRmuMlsucQs02zzBg7BjqU-#0a86b was as close as I could get.

OK enough kidding around. What is actually being shown here is a fairly clever solution to a big problem with OpenID. As OpenID was originally envisioned, a Yahoo OpenID URL for me would have been something like http://www.yahoo.com/openid/jbohren. And that would have been a perfectly fine approach. But what would happen should I cancel my Yahoo account? Anyone (intentionally or otherwise) could sign up for Yahoo with a user ID jbohren and would get the same OpenID URL that I previously had. They could then access any OpenID enabled sites as me.

I don’t plan on cancelling my Yahoo account and Bohren is a fairly uncommon in the US. But for the record in my immediate family I have a father (Joe Bohren), brother (Jay Bohren), and son (Jacob Bohren) who would all want the same Yahoo ID if I ever gave it up.

But the Yahoo approach makes it very unlikely that anyone will ever get issued my OpenID URL.  

If OpenID ever goes mainstream, I expect that this pattern will become the best practice for OpenID URLs. I predict that after a while the clunky looking URLs won’t even get displayed by default (you will have to go to a special page to see them). It’s a deviation from the original OpenID vision, but in reality the majority of people are not willing to type URLs in anyway.


Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s