[OpenID] My 2 Cents to the OpenID foundation

Luke Shepard lshepard at facebook.com
Thu Apr 2 17:57:31 UTC 2009


The core OpenID spec doesn't by itself provide a lot of data - just an identifier. I was able to log in with an OpenID identifier using the Myspace endpoint without pre-registration using the generic PHP Janrain library. Of course, to access extended information using OAuth, you need to pre-register, but that is entirely within both the letter and the spirit of the OpenID and OAuth specs.

>From the OAuth spec, section 4.2:

"The Service Provider's responsibility is to enable Consumer Developers to establish a Consumer Key and Consumer Secret. The process and requirements for provisioning these are entirely up to the Service Providers."

This highlights the fact that in order to build a truly useful stack, we need to extend the core specs to allow for more data flow. The OpenID/OAuth hybrid is a great example of the kind of work that's going on to enable that.

On 4/2/09 10:46 AM, "Martin Atkins" <mart at degeneration.co.uk> wrote:

Allen Tom wrote:
> santrajan wrote:
>> As a side note myspace has come out with there own version of OpenID
>> support, which is not compatible with the OpenID specification. Another
>> example of vested interests tearing apart the concept of OpenID.
>
> Can you elaborate on this? As far as I can tell, MySpace has implemented
> OpenID 2.0 along with the OpenID OAuth Extension. The OpenID  OAuth
> Extension is not finalized yet, but there is a  draft spec available.
>

MySpaceID currently requires an application to be pre-registered with
MySpace, so it doesn't do ad-hoc interop as most OpenID Providers do.

_______________________________________________
general mailing list
general at openid.net
http://openid.net/mailman/listinfo/general

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-general/attachments/20090402/aca49f65/attachment-0001.htm>


More information about the general mailing list