OIDF Account Chooser workgroup proposed agenda for 2/6/2013

19 views
Skip to first unread message

Eric Sachs

unread,
Feb 5, 2013, 6:56:57 PM2/5/13
to oidf-account-chooser-list
Suggested agenda for tomorrow.  Feel free to suggest changes.

Operational changes
[Brian/Eric]
- domain status - Symantec now has control/responsibility
- SSL cert - logistical problem on Google’s side, but hope to be live within a week
- process/procedure - needs to be flushed out.  Eric/Brian have that action item

Housekeeping
[Tim/Nat] Follow up on OIDF specs format

Functional changes
[Greg/Adam] They were going to follow up about the "add account"
[Eric] The last major area of suggested changes to Account Chooser has been browser optimizations.  This doc linked from ac.openid.net summarizes past discussions.
- BrianB to follow up with Symantec/Normal teams about potential browser extension enhancements in accountchooser.com.
- Google looking into some experiments.  Prototype (which is slow) available at https://gitkit-gmail.appspot.com that integrates with accountchooser.BIZ (the staging/experimental version of .com).
- To offer more user-choice, accountchooser.BIZ now supports a varient of the “add account” page that any website can redirect to and ask for user consent to have the same privledges that the native browser (or browser extension) might have.  You can test that by logging into the prototype app on a NON-Chrome browser, and you will see an ugly page asking if you want to give the domain consent to be your “bootstrapping domain.”  After that if you manually visit accountchooser.biz you will see that the user’s email has been pushed into it.  If the workgroup likes this approach, we can create a prettier UI and experiment with more of the features in the the browser optimizations ideas doc linked from ac.openid.com
- If you then try logging into the prototype app on a Chrome browser, then this ugly page won’t be shown.  But after signing into that prototype app, you can manually visit accountchooser.biz and you will see that the user’s email has been pushed into it.  Any vendor who controls a browser or browser extension could get the same thing to work.  If the workgroup likes this approach, Google can do some % experiments of this with Google logins on Chrome on accountchooser.com.  If the results are good, we can formally document this feature.


--
Eric Sachs | Group Product Manager for Identity | esa...@google.com 

Eric Sachs

unread,
Feb 6, 2013, 7:43:43 PM2/6/13
to oidf-account-chooser-list
Meeting notes below

Attendees:
Tim Bray
Nat Sakimura
Don Thibeau
Eric Sachs

Operational changes

[Brian/Eric]
- domain status - Symantec now has control/responsibility
- SSL cert - logistical problem on Google’s side, but hope to be live within a week
- process/procedure - needs to be flushed out.  Eric/Brian have that action item

Housekeeping
[Tim/Nat] Follow up on OIDF specs format - still in progress, but Tim available to work on it maybe in Tokyo


Functional changes
[Greg/Adam] They were going to follow up about the "add account"
[Eric] The last major area of suggested changes to Account Chooser has been browser optimizations.  This doc linked from ac.openid.net summarizes past discussions.
- BrianB to follow up with Symantec/Normal teams about potential browser extension enhancements in accountchooser.com.
- Google looking into some experiments.  Prototype (which is slow) available at https://gitkit-gmail.appspot.com that integrates with accountchooser.BIZ (the staging/experimental version of .com).
- To offer more user-choice, accountchooser.BIZ now supports a varient of the “add account” page that any website can redirect to and ask for user consent to have the same privledges that the native browser (or browser extension) might have.  You can test that by logging into the prototype app on a NON-Chrome browser, and you will see an ugly page asking if you want to give the domain consent to be your “bootstrapping domain.”  After that if you manually visit accountchooser.biz you will see that the user’s email has been pushed into it.  If the workgroup likes this approach, we can create a prettier UI and experiment with more of the features in the the browser optimizations ideas doc linked from ac.openid.com
- If you then try logging into the prototype app on a Chrome browser, then this ugly page won’t be shown.  But after signing into that prototype app, you can manually visit accountchooser.biz and you will see that the user’s email has been pushed into it.  Any vendor who controls a browser or browser extension could get the same thing to work.  If the workgroup likes this approach, Google can do some % experiments of this with Google logins on Chrome on accountchooser.com.  If the results are good, we can formally document this feature.

[Tim] Glad to see we are doing this, the bootstrapping problem is a hard problem to get over in selling accountchooser.com
[BrianB] Via email he noted "On the .biz test: I like this idea!"

Eric Sachs

unread,
Mar 4, 2013, 3:11:17 PM3/4/13
to oidf-account-chooser-list
>>  - SSL cert - logistical problem on Google’s side, but hope to be live within a week
The Verisign provided SSL cert is now live for accountchooser.com

On Tue, Feb 5, 2013 at 3:56 PM, Eric Sachs <esa...@google.com> wrote:
Reply all
Reply to author
Forward
0 new messages