In Google’s version of the OpenID “standard,” users would enter their @gmail.com email addresses in the OpenID login box on OpenID-enabled sites, who would then detect that a Google email was entered. The server then requests permission from Google to use the OpenID standard in the first place by POSTing an XML document to Google’s “OpenID” servers. If Google decides it’ll accept the request from the server, it’ll return an XML document back to the site in question that contains a link to the actual OpenID URI for the email account in question.
This essentially makes Google the arbiter of who can and cannot sign in using their credentials on a third party website.
As the article states, this is not “Open” ID. It’s Google seeking control. – post by adamskinner
Posted from Diigo. The rest of my favorite links are here.