Looks like Google has done some usability research on
authentication...
http://sites.google.com/site/oauthgoog/UXFedLogin
I particularly liked the guiding principles...
[1] Design for usability
[2] Leverage what users already know
[3] Design for widespread adoption
[4] Allow for gradual migrati
The AuthSub authorization page will contain some warnings if you have
not registered your app with the Google Accounts API and if you are
not digitally signing the requests from your app to the Google Data
APIs. The "three levels" of warning messages are detailed here:
http://code.google.com/apis
