[OpenID] Persistent logins

Max Metral max at artsalliancelabs.com
Tue Mar 13 20:50:27 UTC 2007


I agree this works, but I'm not sure all sites will sign up to denying a
user entry because a (massively decentralized) IDP went down.  As of now
I'm one of those not willing to sign up for it, but I haven't decided if
I'm being unreasonable or not. :)

-----Original Message-----
From: general-bounces at openid.net [mailto:general-bounces at openid.net] On
Behalf Of Johannes Ernst
Sent: Tuesday, March 13, 2007 4:47 PM
To: Carl Howells
Cc: general at openid.net
Subject: Re: [OpenID] Persistent logins


On Mar 13, 2007, at 11:01, Carl Howells wrote:

> You should take a look at how http://jyte.com/ manages user 
> authentication.
>
> When a user authenticates, jyte sets two cookies: a session cookie 
> that contains an is-logged-in credential, and a long-term cookie that 
> contains the identifier the user authenticated with.

Hey, that sounds just like the LID one! ;-)

Not surprisingly, I agree that this is a good approach.




Johannes Ernst
NetMesh Inc.





More information about the general mailing list