[OpenID] An OpenID "mobile" Hint?
Johannes Ernst
jernst+openid.net at netmesh.us
Thu Jun 5 04:50:18 UTC 2008
Great idea.
The implementation would be a bit tricky, though. What are we talking
about here?
iPhone (easy -- comparatively)
other smartphone (doable, but each might be different)
WAP (hmmm...)
There are so many variations in the mobile world that enumerating a
set of device categories is hard.
Perhaps the XRDS file could simply contain the browser version string,
which means the RP would have to do very little work: if entry matches
browser version, use that OpenID provider. Otherwise: all bets are
off, like right now.
On 2008/06/04, at 14:08, David Recordon wrote:
> In developing a mobile application that uses OpenID for logins one of
> the things I've become really cognizant of is how poor of the mobile
> experience most Providers have when it comes to OpenID. It obviously
> doesn't take a lot to create a streamlined Provider flow for
> authentication and the trust request, but so far it seems that no one
> has really done that. I was also thinking more about Providers such
> as YubiKey where authenticating with a USB device (despite how awesome
> it is) won't work on my iPhone.
>
> I'm wondering if it would be useful to write a dead simple extension
> to provide some hints around mobile support? Allow a Provider to
> advertise in an XRDS file that they support a mobile login flow so
> that Relying Parties could discover that theoretically making it so
> that I could use a Provider such as YubiKey on the desktop and then
> MyOpenID on the phone.
>
> Am I barking up a useful tree? If I spec'd this would any Providers
> actually implement a mobile friendly flow?
>
> --David
>
> _______________________________________________
> general mailing list
> general at openid.net
> http://openid.net/mailman/listinfo/general
More information about the general
mailing list