A couple of days ago I’ve talked with Eran Hammer-Lahav about an idea I had regarding his post about using Emails as OpenID identifiers.
During the talk another sub-idea came into light in regards to OpenID 2.0 Directed Identity and Emails. While I’m not sure if this has been discussed before (I didn’t have much time to go through old posts on the OpenID mailinglist yet) I thought about bringing it up here.
Directed Identity is a feature that allows a user to enter the domain in which his/her identity resides. This means that if I want to use my OpenID login at some site instead of entering the whole URL to my exact identity, I can simply put the domain name of my OpenID provider.
My provider will figure out all the rest including how to direct me back to the right site after I correctly login.
Yahoo’s implementation of OpenID 2.0 supports directed identities. At their OpenID site, they are educating users to write just “yahoo.com” instead of a full blown long URL to their profiles.
With a small change, a user can use his/her Email address to use directed identity, after all, users already knows how to enter an Email address in most sites to sign-in/up.
In the case of Yahoo, instead of entering “yahoo.com” to use directed identity, why not put your whole Email “myemail@yahoo.com”. The consumer OpenID implementation can simply cut off the domain name from the Email and use directed identity for the rest of the process.
I’m sure a lot of Yahoo users will find that entering their Email more natural and easier to comprehend than to figure out they should put the domain name.
The benefits for this idea is in its implementation. Providers that support OpenID 2.0 doesn’t need to do anything. The real change here is in the OpenID consumer libraries that supports OpenID 2.0. The consumer libraries only needs to use a simple regex to extract the domain name from the Email.
Do you know if this idea was previously suggested?
Do you think its applicable?
I certainly think it can make it easier for everyone and I’m thinking here in mother terms. I know my mother knows her Email and knows how to sign in to sites with it. I’m quite sure she has little understand as to what a URL is, what’s its syntax and why she would need to use it.