213 items tagged “openid”
2008
The Flickr [OpenID] implementation, coupled with their existing API, means we could all offer things like "log into my personal site for family (or friends)" and defer buddylist management to the well-designed Flickr site, assuming all your friends or family have Flickr accounts.
Yahoo!, Flickr, OpenID and Identity Projection
Via ReadWriteWeb, view source on a Flickr photostream page and search for “openid” and you’ll be rewarded with the following snippet:
[... 582 words]Flickr to Authenticate OpenID. Flickr /photos/username/ pages are now (almost) OpenIDs—they point at a new Yahoo!-wide OpenID server, but it hasn’t been switched on yet. It’s OpenID 2 only, presumably so Yahoo! can protect their users’ privacy by using directed identity to hide individual screen names.
2007
OpenID and Google’s Blogger. Blogger gets it wrong by displaying a nickname derived from the OpenID URL (in Malcolm’s case, “blog”) instead of the user entered nickname.
James Henstridge: OpenID 2.0. Excellent description of the new features in OpenID 2.0, including a clear explanation of directed identity and attribute exchange.
Thanks to OpenID and OAuth, the Open Social Web is Beginning to Emerge. My blog’s OpenID powered watchlist and “your comments” features got a write-up on Wired! Nice to know that someone has noticed them.
DiSo: Distributed Social Networking applications (via) New project to prototype a decentralised social network on top of WordPress, using OpenID, microformats and social whitelisting.
OpenID 2.0 Final(ly)! Launched at the Internet Identity Workshop. The most interesting feature is probably directed identity, which goes a long way to solving some of the usability issues involved in users having to enter their own URLs.
Call for Participation for XTech 2008. XTech 2008 will be in Dublin, Ireland from the 6th to the 9th of May. Lots of really interesting topics in the CfP (OpenID, OAuth, Comet, CouchDB...)—deadline for submissions is the 25th of January.
Blogger: OpenID commenting (via) I may be wrong, but I think this is the first Google property to support OpenID in any way.
Portable Social Networks: Take Your Friends with You. Brian Suda explains how OpenID, XFN and hCard can be used together to bootstrap portable social networks.
Giant Global Graph. Tim Berners-Lee points out that the Semantic Web is designed to solve problems such as portable social networks.
I think it is well established that HTTP Authentication needs a major kick in the ass and OpenID and OAuth may get us most of the way there. However, until I see RFC#s attached to both I'm hardly going to consider them to be complete. I propose the creation of an IETF WG on Identity and Authentication. The WG would be chartered to produce two RFCs covering each of the two areas. OpenID and OAuth could be used to seed the WG effort.
How will OpenID change your site? Excellent introduction to OpenID by Peter Nixey—includes some really nice analogies for explaining both the concept and the implications.
MyOpenID adds Information Card Support. First client SSL certificates, now Information Cards. MyOpenID is certainly taking browser-based phishing solutions seriously.
OpenID.net has been redesigned. Love the new look—much cleaner and easier to understand, and it now gives people looking to get themselves an OpenID somewhere to go.
identity-matcher. Dopplr’s social network importing code (for Gmail, Twitter, Facebook and sites supporting Microformats), implemented as a Rails ActiveRecord plugin.
Cronto. I saw a demo of this the other day—it’s a neat anti-phishing scheme that also protects against man in the middle attacks. It works using challenge/response: an image is shown which embeds a signed transaction code; the user then uses an application on their laptop or mobile phone to decode the image and enters the resulting code back in to the online application.
BBC Radio 4—Click On. I was interviewed on today’s programme, about OpenID. The clip is about 7 minutes in to the program, which is available using RealPlayer and the BBC’s Listen Again service.
Email addresses your OpenID via DNS. Sam Ruby has warmed to the idea of making e-mail addresses usable as OpenIDs via a DNS SRV record.
Designing for a security breach
User account breaches are inevitable. We should take that in to account when designing our applications.
[... 545 words]Sun’s OpenID IdP: Real vs Fake. The thinking behind Sun’s decision to allow users of their OpenID provider to pick fake names and assign personal e-mail addresses.
Your telco knows who you are, where you live and even your credit card number or bank account. It's their business to provide you physical access from a real location and identify you as a customer by sending you invoices and receiving money from you. This means that Orange OpenIDs are verified IDs of real people as a matter of principle.
France Telecom Supports OpenID! France Telecom is the parent company of Orange. Apparently all 40 million France Telecom subscribers now have an OpenID.
Sun’s OpenID IdP: Data Governance. Lauren Wood explains the checklist used to ensure Sun’s OpenID provider adequately respected user privacy and data governance (what happens to the data that is stored).
Sun OpenID IdP: protocol and implementation review. Sun employees are posting lots of useful insights gathered during the implementation of their OpenID provider.
Quechup: Another Social Network Enemy! This is why we need to stop teaching users that it’s OK to give their e-mail username and password to any site that asks for it.
OAuth: Your valet key for the Web. OAuth is a really important new specification that aims to solve the “give this application permission to do X on my behalf” problem once and for all.
Google To “Out Open” Facebook On November 5. “Google will announce a new set of APIs on November 5 that will allow developers to leverage Google’s social graph data. They’ll start with Orkut and iGoogle (Google’s personalized home page), and expand from there to include Gmail, Google Talk and other Google services over time.”
Six Apart: We Are Opening the Social Graph. Six Apart put their cards on the table with respect to the social graph problem—focusing on OpenID, XFN and FOAF as enabling technologies. Be sure to watch the screencast demo of their new social graph visualisation tool.