Lightweight access PINs: a modest proposal for enabling OpenID in desktop and mobile apps

Oct 30th – 3pm

While the news that Google is now an OpenID Provider was generally welcomed, a common chorus decrying their support (along with others large OPs like Yahoo, Microsoft and others) at best as half-hearted, at worst as ruining OpenID has revealed a significant barrier to such large providers becoming relying parties (even beyond usability).

Eric Sachs (Google Security Team) writes:

One other question that a lot of people asked yesterday is when a large provider like Google will become a relying party. There is one big problem that stands in the way of doing that, but fortunately it is more of a technology problem than a usability issue. That problem is that rich-client apps (desktop apps and mobile apps) are hard-coded to ask a user for their username and password. As an example, all Google rich-client apps would break if we supported federated login for our consumer users, and in fact they do break for the large number of our enterprise E-mail outsourcing customers who run their own identity provider, and for which Google is a relying party today. This problem with rich-client apps also affects other sites like Plaxo who are already relying parties.

Fortunately there is a solution, and it was developed specifically because Ma.gnolia ran into this problem when it became an OpenID relying party. The result, nine months in the making, was OAuth. Eric even recognizes this:

We need standard open-source components on as many platforms as possible to enable those rich-client apps to support OAuth. That includes a lot more platforms then just Windows and Mac. The harder part is mobile devices (Blackberry, Symbian, Windows Mobile, iPhone, and yes even Android), and other Internet connected devices like Tivos, Apple TVs, Playstations, etc. that have rich-client apps that ask users for their passwords to access services like Youtube, Google photos, etc. If we build these components, they will be useful not only to Google, but also to any other relying parties which have rich-client apps or exposes APIs, and it will also help enterprise SaaS vendors like Salesforce.

iPhone Sync CodeAs I’ve been thinking about this problem, I’ve come to see as an intermediate approach to full-on delegated authorization a simpler, perhaps more familiar approach that would be relatively easy to implement given common interface patterns today. For comparison, Pownce’s iPhone app originally used out-of-band browser-based authentication, leading to a swarm of user criticism resulting in a compromised solution that required embedding a web browser in the app. Less than ideal.

In my proposal, rather than ask for a user’s password, an easier-to-remember OP-issued numerical PIN would be used to authenticate requests. Better is that this approach is already supported in OAuth, it’s just not widely used yet (though is similar to how Flickr authorizes mobile clients).

The basic concept is that you’d have one password (or other strong authentication method) for your primary OpenID account and you’d have one (or more) PINs that you would use to access your account remotely — perhaps in limited risk scenarios or where (again) the full browser-based OAuth flow is not possible or warranted.

Although I initially opposed FriendFeed’s use of Remote Keys, I now think that there’s some merit to this approach, as long as the underlying mechanism uses standard OAuth calls.

There are plenty of holes in this approach, but insomuch as it enables an existing pattern to be phased out gently, I think it offers at least the foundation of an idea that could be useful. It also could be used as a counter-balance to some of the current thinking on federated login flows with OAuth.

Consider these three sign in boxes for comparison:

  1. Traditional Password
    traditional password
  2. Lightweight PIN access
    pin-access
  3. Full OAuth
    Full OAuth

Thoughts welcome.

By Chris Messina | Posted in Technology, Usability | Comments (10)

OpenID usability is not an oxymoron

Oct 28th – 8pm

Julie Zhou of Facebook discusses usability findings from Facebook Connect.
Julie Zhou of Facebook discusses usability findings from Facebook Connect. Photo © John McCrea. All rights reserved.

See? We're working on this! Monday last week marked the first ever OpenID UX Summit at Yahoo! in Sunnyvale with over 40 in attendance. Representatives came from MySpace, Facebook, Google, Yahoo!, Vidoop, Janrain, Six Apart, AOL, Chimp, Magnolia, Microsoft, Plaxo, Netmesh, Internet 2 and Liberty Alliance to debate and discuss how best to make implementations of the protocol easier to use and more familiar.

John McCrea covered the significance of the summit on TechCrunchIT (and recognized Facebook’s welcomed participation) and has a good overall summary on his blog.

While the summit was a long-overdue step towards addressing the clear usability issues directly inhibiting the spread of OpenID, there are four additional areas that I think need more attention. I’ll address each separately. Read More »

By Chris Messina | Posted in Citizen-centric Web, Digital Identity, Life online, Open source, Technology, Usability, Web building | Comments (32)

My argument against Proposition 8

Oct 18th – 1pm

Politics is something that I normally don’t cover on my blog, but not for any particularly reason. I typically get more [publicly] worked up about technology and the economics and politics of technological development than I do about directly human-facing issues, but that’s not because I’ve ever lost sight of the fact that ultimately all this technology is intended to serve people, or that there are more important, and more visceral, issues that could be tackled for greater, or longer lasting effect. It’s just that I haven’t really felt like I had an articulate contribution to make.

Perhaps until now.

If you’re not interested in political discourse, that’s of course your prerogative and you certainly can skip this post. Personally, however, I’ve become increasingly interested in what’s going on in this country (my country), and increasingly enamored of political dialogue (however bereft of content as it sometimes is) as well as our representative democracy — an imperfect system to be sure, but one that at least, by and large, affords its constituents a voice in matters local, state and federal. And personal.

Here in California, we have a cagey system of democracy where voters are provided the opportunity to consider multiple arguments for and against several propositions presented on a ballot to determine numerous policies at both the state and local level. I voted absentee yesterday (as I’ll be traveling to Oceania later this week) and along with the ballot for the presidential election, there were two accompanying ballots, one for the state and one for the city of San Francisco, where I am a resident.

On the state ballot is Proposition 8, effectively an amendment to the California state constitution that would ban gay marriage by defining it strictly as a union of a heterosexual couple: one man, one woman.

I voted against this proposition. And I’ll tell you why.

Voting no Proposition 8

Back in the day…

When I was a senior in high school (in conservative “Live Free or Die” New Hampshire), I supported an initiative to create a gay-straight student alliance, or GSA. At the time, I was on the staff of the newspaper and was more informed of the various controversies affecting my classmates, but I’ll admit, I was also pretty ignorant of other “lifestyles”. Still, if my parents taught me anything, tolerance and self-respect were a few of the more subtle lessons that must have stuck, which led me to support the effort.

As I had done for many of the school’s student clubs, I created a homepage with information on the GSA initiative and hosted it on my own website. I had also single-handed built my high school’s website (even though I couldn’t get any educator besides the dorky librarian to care) and inserted a banner ad into the site’s rotating pool of four or five ads promoting the other school club sites that I’d designed.

The ad for the GSA, which didn’t say much more than “Find out more” with a link off-site, was in rotation for several weeks when I was called down to the principal’s office to explain why I was announcing school policy without authorization. So it goes in the petri-dish of adolescent high school politics and unbalanced power relationships.

Rather than use this as an educational opportunity, the principal, who later became mayor of the city, decided instead to use this situation as a reeducational opportunity and externally suspended me for six days, meaning I wouldn’t be able to graduate.

I’ll cut to the chase in a moment, but in response, I took down the GSA ad — as well as the entire high school’s site (I was hosting that on my own server too — back in 1999 schools didn’t know what a “web server” was). I vowed that I wouldn’t turn over the site files until they’d written up rules governing what students were and weren’t allowed to post to the school’s site; meanwhile my mom threatened to sue the school.

My infraction was small beans (and eventually overturned) compared with the lawsuit that GLAD and the ACLU filed against the school district barring discrimination against school clubs. By the time the lawsuit was decided in favor of the students, I had graduated and moved off to Pittsburgh, but the experience, and impression that it left on me, has resonated since.

…history repeating

None of these contested issues really consume you until you’re personally affected, as I was in high school, and today I feel equally affected by this proposition, but more capable of doing something about it.

The arguments for and against are fairly straight forward, but for me it comes down to two things:

  • First, I don’t believe that laws should codify discrimination. Our history as a nation has been blighted by both gender and racial discrimination, and now we’re facing discrimination against the makeup of certain families — specifically those of same-sex couples. Good law should strive to be non-ideological; discrimination is nearly always ideologically driven.
  • Second, if marriage as an institution stems from a religious foundation, but is represented in law, by the principle of the separation of church and state and presuming the importance of tolerance to culture, we should cleft out the religious underpinnings of marriage from law and return it to the domain of the church, especially if the church mandates that the definition of marriage is strictly between a man and a woman. The state should therefore only be in the business of recognizing in law civil unions, or the lawful coming together of two people in union. Marriage itself would be a separate religious institution, having no basis in civil law.

In other words, should marriage persist in law, then it should not be discriminatory against same-sex couples. If marriage must only be for heterosexual couples, then it should be removed from the state constitution and replaced with civil unions, which would be available to any two willing citizens.

The examples that have informed my thinking on this come from real people — friends whom I’ve now known for some time, and who I could not imagine being legally separated from their partners because of religious zealotry and illogical reasoning.

Hillary and AnnaThe first is Hillary Hartley, a good friend and fellow coworker at Citizen Space, who has been with her partner for eight years, having known her for 15. They were recently (finally!) able to get married in California, but the vote on November 4 threatens to annul their marriage. Think about that: the potential of this decision could dissolve the legal recognition of a perfectly happy, stable and loving relationship. I can’t even imagine what that must feel like, and because I am a heterosexual male, I never will. And that’s completely unjust.

marnieMarnie Webb is a also good friend of mine, who has been active in the non-profit technology space for years, and who I met through Compumentor, NetSquared and TechSoup (she’s co-CEO of TechSoup). Marnie faces the same fate as Hillary, but in her case, it would mean that Marnie’s daughter, Lucy, would grow up with parents who were legally not allowed to recognize their union, nor have rights for hospital visitation among other benefits of marriage.

The low-pressure ask

So here’s what I’m asking for. I’ll give you three options.

First, THINK about this. Talk to people about it. I’m certainly not going to make up your mind for you, but if you were (or are) in a heterosexual marriage and it was threatened to be annulled by changes in law, how would you feel about it? What would you do? The problem with discrimination is that someone’s always losing out; next time it could be you.

Second, VOTE. When you see Proposition 8 on the ballot, vote your conscience, not your ideology. Belief systems are powerful and complex, but they’re not always right. And times do change. It’s counter-intuitive to me that we’ve spent seven years and untold billions fighting for “Iraqi Freedom” when in our country we’re threatening to take civil liberties away from natural-born citizens.

Third, GIVE something. Obviously the presidential campaigns have probably tapped you out, especially given the uncertainly in the market, but you can give more than just money: you can give your time, or you can give mindshare and voice to these issues by widening the conversation, retweeting this post, blogging about it, or taking a video to record your own sentiments.

If you do want to donate money, both Hillary and Marnie have set up respective donation pages. The challenge we’re facing is that proponents of Prop 8 are better-funded and are able to put more ads on TV and make more phone calls. Money in this case can be directly turned into awareness, and into action. If you’ve got $5, it can make a difference, especially now, as your contribution will be matched dollar for dollar. It’s up to you.

By Chris Messina | Posted in Civil liberties, Personal, Philosophy, Social justice, Society & economy | Comments (71)