[OpenID] [OPenID] OpenID usage figures
Immad Akhund
i.akhund at gmail.com
Fri Sep 28 16:53:45 UTC 2007
If there is no protection against abuse those usage number will very quickly
become meaningless and it would be hard to get large OPs to invest time in
pinging usage to a system that could so easily be gamed.
The only way is if OP released data publicaly, but some may consider it to
be a competitively sensitive and not release data. A body like the OpenID
foundation could receive monthly data from the large OP which it then
anonymizes and aggregates for us. Not sure if that is within there mandate.
-Immad
On 28/09/2007, Hans Granqvist <hans at yubico.com> wrote:
>
> > The number of "usages" - I assume you mean the number of RP
> > authentication requests - to determine that figure, you'd need
> > information from the logs of all OpenID Providers.
>
> How about devising a dead-simple voluntary protocol where
> an OP (perhaps also RP) could ping, say http://openid.net/usage
> for the sole purpose of collection of such stats?
>
> GET /usage?op=example.com&event=n HTTP/1.1
>
> where n is an int defining the event (successful auth, sreg used, etc).
>
> (Can be abused, sure. /usage can check source IP to OP for obvious
> system gaming. Maybe that's enough of deterrent.)
>
> Any takers? Shouldn't take more than a day or so to implement. I can
> help if there is anyone who can host the service.
>
> -Hans
> _______________________________________________
> general mailing list
> general at openid.net
> http://openid.net/mailman/listinfo/general
>
--
Cell: +1 617 460 7271
Skype: i.akhund
Blog: http://immadsnewworld.blogspot.com
Clickpass, CTO
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-general/attachments/20070928/b720c6f7/attachment-0002.htm>
More information about the general
mailing list