[OpenID] Using OpenID outside of the browser

Chris Messina chris.messina at gmail.com
Tue May 1 21:09:31 UTC 2007 

I do want to just shout out that we've been working on a solution for
this for Twitter and Ma.gnolia. To describe the problem more acutely:

* Let's say you login into Ma.gnolia with an OpenID. This creates an
account for you on Ma.gnolia keyed to your OpenID URL.
* Next, you download the Ma.gnolia desktop widget and attempt to
login. It requires a username and password, which you don't have,
since you logged in with OpenID.
* At this point, Ma.gnolia could either assign a unique username and
password to you, which would defeat the purpose, or we could do
something like Flickr does with FlickAuth.
* This situation also holds for remote web services that want to make
use of protected Ma.gnolia user data that requires authentication for
access.

I believe that Gabe's solution has this situation in mind, though it
requires running a local server, which, in our use case, is not
acceptable.

In the meantime, we've developed an alternative,
authentication-neutral protocol for handling this situation that will
work with OpenID (our preferred method) or any other authentication
protocol.

We have a prototype and code to perform this action right now, but it
needs more work before we're ready to release it.

I just wanted to alert folks to the fact that some folks are attacking
this problem and offering details on our approach.

Chris


On 5/1/07, Martin Atkins <mart at degeneration.co.uk> wrote:
> Brendan Taylor wrote:
> >
> > When I get some time I intend to describe this idea more concretely and
> > implement it. I don't want it to get in the way of SRP adoption, though.
> >
>
> I wouldn't worry too much about the Signature Request Protocol. I think
> I'm the only one who cares about it right now. :)
>
> I'd much sooner see a solution get out there, even if it's just a quick
> hack that gets the job done. There are several apps that could
> potentially use this that I'd love to see use OpenID rather than Yet
> Another Password.
>
>
>
> _______________________________________________
> general mailing list
> general at openid.net
> http://openid.net/mailman/listinfo/general
>


-- 
Chris Messina
Citizen Provocateur &
  Open Source Ambassador-at-Large
Work: http://citizenagency.com
Blog: http://factoryjoe.com/blog
Cell: 412 225-1051
Skype: factoryjoe
This email is:   [ ] bloggable    [X] ask first   [ ] private

More information about the general mailing list