I think I'm too paranoid to use such a thing, b/c I'd be thinking "oh crap, if someone manages to snag my OpenID then they can get into all my stuff all over the net!"
But then... Iiiii'm kind of a paaaaaaranoid person. :-)~
|Date:||July 24th, 2007 04:22 pm (UTC)|| |
Re: I'm paranoid.
I totally understand.
Any successful solution has to adrress the implications of security breaches.
One nice thing about an open solution is that you could choose any model you want: from the "do it yourself" option to stand up your own server all the way to fee-based OpenIDs that offer value-added services like fraud protection, customer service, etc.
|Date:||July 24th, 2007 02:53 pm (UTC)|| |
I would very much like a distributed open source authentication thingy like OpenID... I want to take the Web back to the days of Usenet, when everybody took what feeds they wanted, read what they wanted, wrote what they wanted, and everybody else decided what of your stuff they wanted and left the rest. With OpenID you can do "friends-locked" across multiple blogs both inbound and outbound, and only the folks you want to see your stuff see your stuff, but you don't have to worry about maintaining their login info, because *they* do. All you have to do is maintain a "friends list" of authenticated-URLS you want to read your stuff.
I'd love to be able to drop a stripped-down copy of LJ on my own server (I don't need memcached or anything wild like that, since I'll have at most eight or ten users) and let folks point RSS at it...
Hmmm.... that would be interesting, is if LJ (or a hacked version of it) could have per-user RSS pulls that manage OpenID authentication... or vicey versy, do you folks know of an RSS reader that'll do joe random authentication, or OpenID specifically?
|Date:||July 24th, 2007 03:48 pm (UTC)|| |
I used one that used basic auth [ugh]
That always squicked me, basic auth over a non-ssl feed.
I believe LJ will respect your cookie, if you have one [and your aggregator uses your browser's API, so that the cookie is known and sent], when pulling a feed...In fact, I just checked this; I went to happypete.livejournal.com/rss and my protected posts did appear in the feed results. So, using aieeeeeeee as an aggregator would actually work.