Items tagged openid in 2008
Filters: Year: 2008 × openid × Sorted by date
Getting OpenID Into the Browser. David Recordon makes the case for online identity management as a key browser feature (I like the “your browser is currently locked” concept), and argues that Gears is in a great position to deliver it. # 3rd December 2008, 10 am
Clearing up inaccuracies about the Google OpenID IDP launch. Google took some undeserved flack when they launched their OpenID provider. For the record, whitelisting providers fits my definition of the “Open” in OpenID perfectly (providers and consumers are free to impose whatever policies they like). # 8th November 2008, 11:11 pm
New OpenID Implementations Abound. I’ve missed linking to a bunch of OpenID news recently—in particular, Google Accounts are becoming OpenID identifiers and LiveJournal has quietly ugraded its consumer support to OpenID 2.0. # 30th October 2008, 5:11 pm
In the final Production release we will be adding the ability to sign in to the Live ID OpenID Provider using any of the credential types that can be used with regular Live ID sign-in’s -- including CardSpace, SmartCard, eID, etc.
— Jorgen Thelin # 30th October 2008, 5:09 pm
Windows Live Adds Support For OpenID. I hope they include the option to log in to the provider using CardSpace, to address phishing. # 27th October 2008, 9:34 pm
Yahoo! Releases OpenID Research. Extremely valuable research, conducted with a group of typical Yahoo! users. OpenIDs usability remains bad, and if we don’t get it right soon something centralised like Facebook Connect will take over and the Web will stop being open. # 14th October 2008, 4:59 pm
Google’s Usability Research on Federated Login. Fascinating—suggests an approach to federated auth based on the Amazon.com “Yes, I have a password” login flow. Feels convoluted to me but apparently it tests really well against a mainstream audience. The more research shared around this stuff the better. # 22nd September 2008, 8:56 pm
New authentication schemes such as OpenID, or Microsoft’s CardSpace, may help as adoption increases. These systems make it possible to register for one site using credentials verified by another. Instead of having many sites with poor verification procedures, the internet could have a few sites with strong verification procedures, that are then used by others. The advantage for the user is that they no longer have to jump through multiple hoops for each new site they encounter.
— Tim Anderson (in the Guardian) # 29th August 2008, 10:01 am
OSCON in 37 minutes. 45 OSCON talks summarised by their presenters in just 37 minutes, compiled by Gregg Pollack. I get to rant about OpenID for a minute at 27:22. # 29th July 2008, 11:59 pm
Email Address to URL Transformation (EAUT) specification now available! Allows OpenID users to login using their E-mail address, which is converted in to an OpenID URL based on rules specified in an XRDS document attached to the root domain. Seems like a good idea to me. # 22nd July 2008, 7:30 pm
MySpace To Join OpenID, Bringing Total Enabled Accounts to Over A Half Billion. Another 200 million OpenIDs—but the important difference between this and the Yahoo! and AOL announcements is that MySpace users know what their profile URL is. Whenever people have told me OpenID is flawed because people don’t understand URLs I’ve answered “sure they don’t, but they know their MySpace page”. # 21st July 2008, 7:42 pm
RefactorMyCode.com. Neat community for discussing improvements to code snippets. Login using OpenID. # 28th June 2008, 11:46 pm
OpenID is a new and maturing technology, and HealthVault is frankly the most sensitive relying party in the OpenID ecosystem. It just makes sense for us to take our first steps carefully.
— Sean Nolan # 24th June 2008, 6:29 pm
The point of “Open” in OpenID
TechCrunch report that Microsoft are accepting OpenID for their new HealthVault site, but with a catch: you can only use OpenIDs from two providers: Trustbearer (who offer two-factor authentication using a hardware token) and Verisign. "Whatever happened to the Open in OpenID?", asks TechCrunch’s Jason Kincaid.
[... 451 words]OpenID phishing demo (via) A demonstration of the OpenID man-in-the-middle phishing attack. idproxy.net OpenIDs are immune to this particular variant due to the landing page not asking for your password (the phishing site could still provide their own redesigned landing page and hope users don’t notice though). # 28th May 2008, 8:09 am
Byteflow Blog Engine. This looks like the most full-featured of the Django blog engines by a pretty big margin, including OpenID client and server support. A product of the growing Russian/Ukrainian Django community. # 11th May 2008, 7:41 pm
SourceForge Allows OpenID Logins. Excellent—SourceForge is the kind of site that I log in to infrequently enough to always forget my password (and indeed username) making OpenID a great fit. # 1st May 2008, 1:05 pm
HTML 5 vs. Yadis. The draft HTML5 spec currently disallows values for http-equiv and link rel which aren’t listed in the spec—meaning both methods of specifying a link to an OpenID server are invalid for HTML5. This should probably be fixed... # 19th April 2008, 4:35 pm
PayPal Plans to Ban Unsafe Browsers. At first I thought they were going to encourage real anti-phishing features in browsers, which would be a big win for OpenID... but it turns out they’re just requiring EV SSL certificates which have been proven not to actually work. # 19th April 2008, 10:45 am
OpenID for Google Accounts. Google App Engine integrates with Google’s user accounts, so Ryan Barrett (of Google) used it to build an idproxy.net style OpenID provider. # 9th April 2008, 1:09 am
OpenID and Spam. Matt Mullenweg: “OpenID has a ton of promise for the web—let’s not hurt it by setting people up for disappointment by telling them it’s a spam blocker when it’s not.” True for the case of general registration, but I still believe whitelisting known OpenIDs could be a powerful tool for fighting spam on personal sites. # 2nd April 2008, 7:33 pm
Interviewing Simon Willison about OpenID. I sat down with Vikram Kumar at Webstock to talk about OpenID, and the video is now online. # 30th March 2008, 6:40 pm
The real roadblocks to data portability on social networks. A bunch of smart questions posed by Facebook’s Dave Morin. This is why I think data portability is the wrong framing—moving data between sites is really hard. Importing social relationships between sites is much more viable (hence my interest in social network portability). Also, the complaints about systems sharing e-mail addresses are neatly addressed by using OpenID as the GUID for a user instead. OpenIDs can’t be spammed. # 26th March 2008, 7:53 pm
Clickpass. Peter Nixey’s new OpenID startup has finally launched—does a great job of making OpenID more approachable with a clean, well designed UI and a neat orange button. # 11th March 2008, 4:47 pm
A proposal: email to URL mapping. Brad’s just too damn smart. A simple solution to mapping an e-mail address to an OpenID that takes advantage of existing technology (YADIS) and doesn’t adversely affect e-mail privacy. # 8th February 2008, 11:39 am
Interview: Simon Willison on OpenID. Christian Heilmann interviewed me for the YDN blog. # 3rd February 2008, 10:18 pm
Yahoo! OpenID Provider service now available as a public beta. This actually happened a few days ago, but I’ve been offline for the past week travelling to New Zealand and attending Kiwi Foo. # 3rd February 2008, 10:17 pm
Django People: OpenID and microformats
In hindsight, it was a mistake to launch Django People without support for OpenID. It was on the original feature list, but in the end I decided to cut any feature that wasn’t completely essential in order to get the site launched before it drowned in an ocean of “wouldn’t-it-be-cool-ifs”.
[... 626 words]Telegraph to become OpenID provider (via) “The Telegraph will soon become the first newspaper in the world, and the first British media company, to become an OpenID provider.”. Didn’t see that one coming! # 21st January 2008, 2:43 pm
Yahoo! supporting OpenID 2.0 but not 1.1. Yahoo!’s Allen Tom outlines the reasons Yahoo! are supporting OpenID 2.0 but not OpenID 1.1. # 19th January 2008, 9:10 am