OpenID...An "ID"ea whose time has come?

OpenID...An "ID"ea whose time has come? - A Suburbs Boy Living a Country Life

[Recent Entries][Archive][Friends][Profile]

[My Flickr Photos]

July 24th, 2007

09:57 am

[Link]

OpenID...An "ID"ea whose time has come?
Passport was cool, but in the end it really was too "owned" by Microsoft to become anything more than the first widely-used single sign-on for access to all of a large enterprise's customer-facing web accesses.

I just logged in to the new Plaxo portal using my LiveJournal OpenID. But I could have used any OpenID provider that I liked.

Well, friends, comment at will...is the world ready for OpenID? Something else? Or, no, people will be using separate logins and passwords for every single different site they use for the forseeable future?

Current Mood: curious curious

(4 comments | Leave a comment)

Comments

From:	desiringavalon
Date:	July 24th, 2007 02:46 pm (UTC)

I'm paranoid.

(Link)

I think I'm too paranoid to use such a thing, b/c I'd be thinking "oh crap, if someone manages to snag my OpenID then they can get into all my stuff all over the net!"

But then... Iiiii'm kind of a paaaaaaranoid person. :-)~

(Reply) (Thread)

From:	happypete
Date:	July 24th, 2007 04:22 pm (UTC)

Re: I'm paranoid.

(Link)

I totally understand.

Any successful solution has to adrress the implications of security breaches.

One nice thing about an open solution is that you could choose any model you want: from the "do it yourself" option to stand up your own server all the way to fee-based OpenIDs that offer value-added services like fraud protection, customer service, etc.

(Reply) (Parent) (Thread)

From:	(Anonymous)
Date:	July 24th, 2007 02:53 pm (UTC)

(Link)

(Reply) (Thread)

From:	technoshaman
Date:	July 24th, 2007 03:10 pm (UTC)

(Link)

I would very much like a distributed open source authentication thingy like OpenID... I want to take the Web back to the days of Usenet, when everybody took what feeds they wanted, read what they wanted, wrote what they wanted, and everybody else decided what of your stuff they wanted and left the rest. With OpenID you can do "friends-locked" across multiple blogs both inbound and outbound, and only the folks you want to see your stuff see your stuff, but you don't have to worry about maintaining their login info, because *they* do. All you have to do is maintain a "friends list" of authenticated-URLS you want to read your stuff.

I'd love to be able to drop a stripped-down copy of LJ on my own server (I don't need memcached or anything wild like that, since I'll have at most eight or ten users) and let folks point RSS at it...

Hmmm.... that would be interesting, is if LJ (or a hacked version of it) could have per-user RSS pulls that manage OpenID authentication... or vicey versy, do you folks know of an RSS reader that'll do joe random authentication, or OpenID specifically?

(Reply) (Parent) (Thread)

From:	happypete
Date:	July 24th, 2007 03:48 pm (UTC)

I used one that used basic auth [ugh]

(Link)

That always squicked me, basic auth over a non-ssl feed.

I believe LJ will respect your cookie, if you have one [and your aggregator uses your browser's API, so that the cookie is known and sent], when pulling a feed...In fact, I just checked this; I went to happypete.livejournal.com/rss and my protected posts did appear in the feed results. So, using aieeeeeeee as an aggregator would actually work.

(Reply) (Parent) (Thread)

Log in

I'm paranoid.

Re: I&#39;m paranoid.

I used one that used basic auth [ugh]

Re: I'm paranoid.