Gathering requirements for in-browser OpenID support
Dick Hardt
dick at sxip.com
Thu Oct 19 16:34:51 UTC 2006
Actually, RP code can remember the OpenID the user provided and store
it in a cookie and fill it in so that user just has to hit the login
button after they have been there once, assuming they have only use
one account at the site with that browser.
-- Dick
On 19-Oct-06, at 9:30 AM, Chris Drake wrote:
> Hi Chris Messina,
>
> Your idea is not currently supported in OpenID - every new site a user
> visits after "logging in" for the day, will require him to re-type his
> OpenID again (and again...).
>
> The proposed OpenIDHTTPAuth standard would, however, provide a
> mechanism to accomplish your (our) dream - which is - log in (or out!)
> once, and you don't have to do it again for every RP you visit.
>
> Kind Regards,
> Chris Drake
>
>
> Wednesday, October 18, 2006, 10:21:34 AM, you wrote:
>
> CM> More generally, we need to see integration of OpenID and
> Apple's Keychain:
>
> CM> http://dig.csail.mit.edu/breadcrumbs/node/55
>
> CM> Imagine logging into your user account, which itself is an
> OpenID, and
> CM> being able to be authenticated against all the web services you
> CM> typically use. This is probably a reality in most enterprise
> CM> environments, but for the lay-consumer (read: me) this is light
> years
> CM> away.
>
> CM> OpenID + the MacOSX Keychain would be a very positive step in that
> CM> direction, especially if Mozilla and others could leverage it
> CM> generally, as Camino and Safari do.
>
> CM> Chris
>
> CM> On 10/17/06, Jaco Aizenman <skorpio at gmail.com> wrote:
>>> +1
>>>
>>>
>>> On 10/16/06, Drummond Reed <drummond.reed at cordance.net> wrote:
>>>> +1 for building ooTao's ph-off into the browser. It's a great
>>>> utility -- I
>>>> use it every day. As Brad says, it's dramatically easier to
>>>> maintain a
>>> short
>>>> whitelist of real IdPs rather than an infinite blacklist of fake
>>>> ones.
>>>>
>>>> =Drummond
>>>>
>>>> -----Original Message-----
>>>> From: general-bounces at openid.net
>>> [mailto:general-bounces at openid.net] On
>>>> Behalf Of Brad Topliff
>>>> Sent: Monday, October 16, 2006 1:29 PM
>>>> To: general at openid.net
>>>> Subject: RE: Gathering requirements for in-browser OpenID support
>>>>
>>>> We (and when I say we, I mean Andy Dale) did some work on this
>>>>
>>> (http://xditao.blogspot.com/2006/09/you-should-ph-off.html)
>>> as a proof of
>>>> concept. It is alpha code, but it addresses some of the
>>>> thoughts and
>>>> requirements that should go into this.
>>>>
>>>> To Scott's final comment, one of the big issues to be considered
>>>> is the
>>>> logistical difference between showing something obviously
>>>> POSITIVE when
>>> you
>>>> are at one of your few "trusted" IdPs as opposed to something
>>>> NEGATIVE
>>> when
>>>> you are someplace "untrusted" (which is everywhere else).
>>>>
>>>> -Brad
>>>>
>>>> -----Original Message-----
>>>> From: general-bounces at openid.net [mailto: general-
>>>> bounces at openid.net] On
>>>> Behalf Of Scott Kveton
>>>> Sent: Monday, October 16, 2006 12:32 PM
>>>> To: general at openid.net
>>>> Subject: Re: Gathering requirements for in-browser OpenID support
>>>>
>>>> Hey Rob,
>>>>
>>>>> I'm trying to gather requirements for OpenID support. I think I
>>>>> have a
>>>>> reasonable understanding of the draft, but part of the appeal
>>>>> of OpenID
>>>>> is that it doesn't necessarily require browser vendors to do
>>>>> anything :)
>>>>>
>>>>> I've seen the proposed 2617-style HTTP authentication scheme on
>>>>> the
>>>>> wiki. What else could browser vendors do to make OpenID a smoother
>>>>> experience for users?
>>>>
>>>> As I posted on the Mozilla wiki:
>>>>
>>>>
>>> http://wiki.mozilla.org/Firefox/Feature_Brainstorming#Identity
>>>>
>>>> I'd love to see some anti-phishing mojo baked into the browser.
>>>> If the
>>> user
>>>> could set their trusted IdP (or multiple as the case may be) in the
>>> browser
>>>> and then have the browser do something obvious when the users is
>>>> presented
>>>> with an "untrusted" page asking for their password that would be
>>>> great
>>> IMHO.
>>>>
>>>> - Scott
>>>>
>>>> _______________________________________________
>>>> general mailing list
>>>> general at openid.net
>>>> http://openid.net/mailman/listinfo/general
>>>>
>>>>
>>>> _______________________________________________
>>>> general mailing list
>>>> general at openid.net
>>>> http://openid.net/mailman/listinfo/general
>>>>
>>>> _______________________________________________
>>>> general mailing list
>>>> general at openid.net
>>>> http://openid.net/mailman/listinfo/general
>>>>
>>>
>>>
>>>
>>> --
>>> Jaco Aizenman L.
>>> My iname is =jaco (http://xri.net/=jaco)
>>> Founder - www.virtualrights.org
>>> XDI Board member - www.xdi.org
>>> Cofounder CEO - costarricense.com
>>> Tel/Voicemail: 506-3461570
>>> Costa Rica
>>>
>>> What is an i-name?
>>> http://en.wikipedia.org/wiki/I-name
>>> _______________________________________________
>>> general mailing list
>>> general at openid.net
>>> http://openid.net/mailman/listinfo/general
>>>
>>>
>>>
>
>
>
>
>
> _______________________________________________
> general mailing list
> general at openid.net
> http://openid.net/mailman/listinfo/general
>
>
More information about the general
mailing list