Tuesday, May 26, 2009

Schleprock says: Lets Open that Id.

Through out my digital travels I tend to trip over more than my share of quirks, bugs and "obvious" ideas for improvements. I'm gifted in a Schleprock sorta way.

Unlike Schleprock (probably a pinko!) I also try to be a good netitizen and report what I find.

The problem is there are too many barriers to being a good Samaritan. The biggest one I run into is having to set up an account just to make a bug report. I have 71 separate accounts to date, of which I really use 2 or 3. I'm reticent to add more accounts just for the privilege of helping someone fix their code.

I understand the reasoning for the accounts. It's to cut down on Spam. On the surface it looks like a good solution, but in reality it's almost as bad as the problem. It cuts down on Spam, but it also cuts down on user participation. No participation is killer for open source projects.

One solution that I've seen it to allow anonymous posting, but have each posting validated before being passed through. This is a great solution. It allows anonymous posting, but puts a minor impediment in the way. If you want fast turnaround, set up an account, if you can wait, then post anonymously.

The only reasons validation isn't more popular are self important administrators, who don't make the time to deal with the human component of their project, or huge projects that legitimately generate a large number of anonymous emails. These huge, anonymous, projects are fairly rare, and Spam filtering is easier for them than for normal mail. The size of my penis is not a bug.

But how do you deal with a site, that for some obsessive reason, wants you to set up an account. If only you could create one Id and have an *OPEN* way to hand it around? Open, Id? Hmmmm. OpenId? It's got a nice ring to it.

The OpenId project exists to solve the problem of having too damn many Ids. It's really clever on how it solves it too.

You start out by going to an OpenId provider and signing up for an Id. Arg! I know, you have to sign up for another account! But this is the wish for more wishes. Once you get an OpenId account, then you can use it on any OpenId enabled site that's out there.

Let's say I'm trying to log on to newsite.com. Newsite is OpenId aware.

I type in my OpenId (http://upcracky.myopenid.com in my case). Newsite then decodes my Id and redirects me to myopenid.com. I log into myopenid.com using the password I set up there. Once I'm logged in, I'm redirected back to newsite.com and I'm in. If the password is good enough for myopenid.com it's good enough for newsite.com.

In fact, I don't believe newsite.com ever sees my password. They're probably pinkos!

How do you get an OpenId. One of the nice things about OpenId is, you may already have one. If you have a gmail account, they're an OpenId provider (It's your email address and password.) Yahoo is another. If you don't have one of those, then web search for "OpenId Provider". They're plentiful. Hell, OpenIds are cheap. You can make one for work and one for home and one for the kids and dog.

The only real problems I've run into with OpenId are:

1) They're not robust enough for super secure sites. I don't use OpenId for banking.

2) Not enough sites use it. This one is easy to fix. Whenever you have a site that is OpenId aware, use it. If you have a site that's not OpenId aware, complain to the admins. The code to implement your own OpenId log on is freely available on the net. The more sites that have it, the more users that use it. The more users that use it, the more sites that will get it.

Seriously, if you have a ton of user IDs and passwords, then it behooves you to pester all the sites you know to set up OpenId. If not, you'll end up like me, stooped over from the pain of dragging around all my BugZilla accounts.

Wowzie wowzie woo woo.

No comments: