Hey Dick, Couldn't one make the opposite argument -- that most people's email address NOT working when they plug it into the OpenId login field could actually be a good thing? (especially in the beginning of OpenID)
I say this because such scenarios (user enters email, and RP fails because the email doesn't yet support open id) might actually be a catalyst for more people to use OpenId, especially if users start barking at their ISP/email providers to support OpenId because their email isn't working correctly with certain sites they want to use. For example, consider the following two potential scenarios that might go through a new user's mind when they first encounter OpenId: Scenario #1 (WITHOUT email allowed in the OpenId login form): User encounters an "openid enabled" site (RP ==> example.com), and decides they are curious about this new "way" to login (simplifying, I know -- but we're talking about a simple user). The user pretty quickly realizes that they need to somehow secure an Identity URL. The typical user (my parents, e.g.) might be inclined to say: "all my other (non-openid) sites require my email address (usually) as a username. Plus, since example.com still supports email address based username+passwords anyway, why not just continue to use that?" Thus, the novice user who fails to see the benefits of OpenId might just decide against OpenId because of the perceived difficulties in using it, especially in the beginning when OpenId adoption will be gaining traction, but not the majority method used for site login. Scenario #2 (WITH email allowed in the OpenId login form): User encounters an "openid enabled" site, and decides they are curious about the new "way" to login. If their email domain supports OpenId, then there's really no reason for a novice user NOT to use OpenId -- it works with the email address. On the other hand, if the RP determines that the specified email address doesn't support OpenId, it (the RP) then comes back to the User with an educational page explaining why the email doesn't work, perhaps with a "call your email provider and encourage them to adopt openid...and here's why". Anyway, this might be a different perspective on whether or not the ["oops, your login didn't work"] is a bad thing. > -----Original Message----- > From: Dick Hardt [mailto:[EMAIL PROTECTED] > Sent: Wednesday, November 08, 2006 5:06 PM > To: David Fuelling > Cc: specs@openid.net > Subject: Re: [PROPOSAL] Handle "http://[EMAIL PROTECTED]" Style Identifiers > > Hi David > > A Homesite is a new concept for users, so when they see a prompt for > it, they will know they have one or not. They are not just typing in > a random URL. > > Pretty much every user has an email address, so a prompt asking for > an email would suggest to user that their email will work -- which of > course hardly any will. > > -- Dick > _______________________________________________ specs mailing list specs@openid.net http://openid.net/mailman/listinfo/specs