[OpenID] "Consumer-Ping-Service" for OpenID Providers

Thomas Huhn thomas.huhn at gmail.com
Tue Mar 6 00:26:24 UTC 2007

To all OpenID Providers:

I received an interesting question today on my blog concerning the number of
OpenID-enabled sites available out there
Is the number really around 1000 or are the 145 sites actually listed on the
OpenID Directory ( http://openiddirectory.com) more realistic?

I really can´t answer this - probably it´s something in between. At the
moment we have about 4-8 submissions per day at "The OpenID Directory". Some
of them cannot be approved because of not or only partial working OpenID
implementations. Some are hard to approve because the standard login forms
are not used and that way hard to find on sites in Chinese language e.g.

The good message is that there´s a way the number of OpenID-enabled sites on
the directory can be dramatically improved while checking for working
implementations can be reduced to a minimum: by cooperating with OpenID

How? Well, we would like to start a "consumer-ping-service" that hands over
the URL of the trustroot every time a NEW OpenID consumer has SUCCESSFULLY
authenticated an OpenID for the first time. Even if the OpenID consumers
will still have to be approved manually (e.g. for filtering out local test
sites or illegal stuff) this would be a chance to get information from first
hand and make this information available on a central directory.

I would also offer to make the statistics of new subscriptions to the OpenID
Directory available to the community (only the summary of submissions per
day, maybe detailed per category, but keeping the sources of information
confidential), which would hopefully be some good and trusted marketing

The usefulness of this "consumer-ping-service" depends on the acceptance of
the OpenID providers. The more IdPs join, the more complete the market
overview gets. The more attractive sites users can find, the more attractive
the OpenID technology gets at all.

So if you´re running an OpenID provider please give me feedback and I will
set up a simple API in a few days. I would suggest that the minimum
parameter needed is the trustroot from the authentication request, the rest
of the information for the directory like title and description can be
crawled automatically from the html of the website by our server or at least
be filled in during manual approvement. To avoid spam we will restrict
access to the API by ipadress. This way only registered IdPs can auto-submit
new sites.

I don´t think we´re running into any privacy issues by passing over the new
trustroots that appear on the web, but IdPs should at least consider to
check their terms of service. Maybe another checkbox is needed saying
something like "please publish this site to the OpenID Directory". The
problem I see is that this would not be very self-explainable. I´m not quite
sure if this is necessary at all, but at least it gives the control to the

Any suggests, more ideas?

Thomas Huhn
"The OpenID Directory <http://openiddirectory.com> - find enabled sites"

BTW: The OIDD will relaunch in a few days with OpenID login giving access to
registering, voting with lists of voters, comments, tagging and a lot more
new features :)

Solution Media GmbH
Eugen-Hertel-Strasse 20
DE-67657 Kaiserslautern

Email info at solution-media.de
Web www.solution-media.de
Phone +49 (180) 566 323 800 193
Fax +49 (180) 566 323 800 256

HRB 3519
Amtsgericht Kaiserslautern

Dipl.-Kfm. Thomas Huhn

Steuer-Nr. 27-19/666/0269/1
Ust-Ident Nr. DE205242136

Kreissparkasse Kaiserslautern
BLZ 54050220 Konto 81166
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-general/attachments/20070306/0a72ccae/attachment-0001.htm>

More information about the general mailing list