confusing mesage about "not recognized by the Launchpad login service"

Bug #648512 reported by Martin Pool on 2010-09-27
12
This bug affects 2 people
Affects Status Importance Assigned to Milestone
Canonical SSO provider
Low
Unassigned

Bug Description

If you use your Launchpad openid url to log in to, for example, stackoverflow, you get this message:

"""
You have used your Single Sign On ID to access a site which is not recognised by Launchpad Login Service:

http://stackoverflow.com/users/authenticate/
If you proceed, the following information will be available to the website:

Only your identity URL
"""

Users asked on irc: what does this even mean?

I guess it means the site is not specifically whitelisted. Does it matter? Does it indicate problems are likely? Why not rephrase the first sentence.

Curtis Hovey (sinzui) on 2010-09-27
affects: launchpad → canonical-identity-provider
Changed in canonical-identity-provider:
status: New → Confirmed
importance: Undecided → Low
tags: added: meta633877
tags: added: proj-openit
removed: meta633877
Damian Yerrick (tepples) wrote :

Would "site which is not operated by Canonical" be easier to understand?

Thorsten Glaser (mirabilos) wrote :

Yes, that would be perfect.

I would say something like:

"Do you want to log in to **stackoverflow.com** using your Ubuntu ID?
This site is not operated by Canonical."

That puts the important question first and the (moderately important)
caution in the first paragraph.

--
Martin

I think I'd rather just drop the "not recognised by" or "not operated by" entirely. We have 3 levels of site:

 1. Owned and operated by Canonical - usually auto-redirects so the user won't even see the confirmation page
 2. Official community site, considered 'trusted' and has a human-readable name
 3. Unknown sites which present the message this bug is discussing.

For #2, we currently say:

"Sign in
If you proceed, the following information will be available to LoCo Team Directory:
...
[Yes, sign me in] or cancel"

and for #3, we currently say:

"You have used your Single Sign On ID to access a site which is not recognised by Launchpad Login Service:
{url}
If you proceed, the following information will be available to the website:
...
[Yes, sign me in] or cancel"

I think I'd rather just standardise the message (hopefully making it less alarming/confusing) to something like:

"Sign in to {trusted-name or url}?
This site has requested additional information about you. Please choose what you want to share:
...
[Yes, sign me in] or cancel"

This is similar to other openid providers such as myopenid.com

Martin Pool (mbp) wrote :

On 14 March 2012 23:55, Stuart Metcalfe <email address hidden> wrote:
> "Sign in to {trusted-name or url}?
> This site has requested additional information about you.  Please choose what you want to share:
> ...
> [Yes, sign me in] or cancel"
>
> This is similar to other openid providers such as myopenid.com

+1, though perhaps we can improve on the slightly vague "has requested
additional information about you". Even just dropping that sentence
and saying "Please choose what you want to share" could be good.

--
Martin

That sounds good. I think we have enough to proceed with this fix. Thanks for your thoughts and feedback, everyone

Changed in canonical-identity-provider:
status: Confirmed → Triaged
To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers

Related questions

Related blueprints