[OpenID] My 2 Cents to the OpenID foundation
lshepard at facebook.com
Thu Apr 2 17:57:31 UTC 2009
The core OpenID spec doesn't by itself provide a lot of data - just an identifier. I was able to log in with an OpenID identifier using the Myspace endpoint without pre-registration using the generic PHP Janrain library. Of course, to access extended information using OAuth, you need to pre-register, but that is entirely within both the letter and the spirit of the OpenID and OAuth specs.
>From the OAuth spec, section 4.2:
"The Service Provider's responsibility is to enable Consumer Developers to establish a Consumer Key and Consumer Secret. The process and requirements for provisioning these are entirely up to the Service Providers."
This highlights the fact that in order to build a truly useful stack, we need to extend the core specs to allow for more data flow. The OpenID/OAuth hybrid is a great example of the kind of work that's going on to enable that.
On 4/2/09 10:46 AM, "Martin Atkins" <mart at degeneration.co.uk> wrote:
Allen Tom wrote:
> santrajan wrote:
>> As a side note myspace has come out with there own version of OpenID
>> support, which is not compatible with the OpenID specification. Another
>> example of vested interests tearing apart the concept of OpenID.
> Can you elaborate on this? As far as I can tell, MySpace has implemented
> OpenID 2.0 along with the OpenID OAuth Extension. The OpenID OAuth
> Extension is not finalized yet, but there is a draft spec available.
MySpaceID currently requires an application to be pre-registered with
MySpace, so it doesn't do ad-hoc interop as most OpenID Providers do.
general mailing list
general at openid.net
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the general