SingleUserOpenIDScenarios

From Social Web XG Wiki
Jump to: navigation, search

This 2009-05-26 writeup in completion of:

ACTION: danbri to document throwaway IDs on Wiki / danbri write up user story about different kinds of "single use" openids (eg. karma)

Warning: the following is very rough brainstorm-level material, it hasn't been thought through in huge detail or figured out in terms of technical detail (eg. Attribute Exchange, RDFa, Microformats etc.). Variations on both scenarios are of course possible. --DanBri

Single User OpenID login scenarios

Scenario 1.

Alice wants to leave an anonymous comment on a blog post on BetaBlogs.example.com. She chooses to do this via an OpenID which is not publically associated with her, but is handled out by a reasonably trustworthy "free single use OpenIDs" service.

Version 1b. She does this without showing either the OpenID provider or BetaBlogs anything to indicate who she is.

Version 1c. She logs into "openids.freenonymous.example.net" with a well established publically known OpenID. In return she is issued with a single use openid that can be used to leave her anonymous comment. If BetaBlogs anti-spammer tools want to check, the provider will assure that it came from someone whose publically known karma is quite high and isn't known to be a spammer.

Scenario 2.

Alice has a "main" everyday OpenID, http://alice.example.org/

Alice also has Web accounts with various sites, including a media site http://coolnews.example.com where she has built up some high reputation as a good community member over 10 years.

CoolNews.example.com decide to offer free OpenIDs to all their loyal community members, and in each profile page add (in addition to openids) markup indicating aspects of their contribution to the community. Alice is described as being in the Platinum Contributors group, and she's proud of this.

After some months, Alice notices that some OpenID relying party sites are making use of this kind of karma markup, to bypass spam filters when comments are provided. But she still prefers to use her main OpenID.

So, one time only, she logs into the admin pages of her main openid provider site, adds http://coolnews.example.com/alice into an "other OpenIDs" form, and then logs in using her coolnews account to prove she's the same Alice as the one over there with all that karma.

Subsequently, Alice's main OpenID provider makes this information about Alice's high community karma available when she uses the id to log into sites and leave comments. Sometimes they even make use of this, and her comments appear immediately rather than after human-checking.