[OpenID] Google OpenID IDP is now live

Peter Williams pwilliams at rapattoni.com
Wed Oct 29 18:03:49 UTC 2008


Shame on me, as I've already forgotten the spec I studied last year.

does compliance require the RP to follow redirects to learn the "fully normalized" OP identifier?

i.e. ifI type in to the RP "home_pw.org/openid" (hosted by google's DNS contractor) and that DNS server offers the i-broker-like 302 redirect service to http://www.google.com/accounts/o8/id identifier, that's fine as my local name for GoogleIDP, no?


-----Original Message-----
From: general-bounces at openid.net [mailto:general-bounces at openid.net] On Behalf Of Dick Hardt
Sent: Wednesday, October 29, 2008 10:54 AM
To: Breno de Medeiros
Cc: Joseph Smarr; OpenID List
Subject: Re: [OpenID] Google OpenID IDP is now live

"www.google.com/accounts/o8/id"?

gosh, I'll remember that one! :-)

Given the non memorable openid generated by Google, I'd be interested
in how Google thinks users will login with their OpenID if they can't
type in gmail.com or google.com -- these should work. Will they?

-- Dick

On 29-Oct-08, at 10:38 AM, Breno de Medeiros wrote:

> At this point, you can discover using www.google.com/accounts/o8/id as
> your OP identifier if you so wish. However, initially we will require
> registration. Thanks.
>
> On Wed, Oct 29, 2008 at 10:30 AM, Andrew Arnott <andrewarnott at gmail.com
> > wrote:
>> Forgive my apparent ignorance, but this doesn't look like a
>> standard OpenID
>> Provider.  I just tried to log into my own RP typing in
>> "google.com" to use
>> directed identity, since I have no idea what my own identifier URL
>> would be,
>> and no endpoints were found.  Also tried "gmail.com".
>> When I read the blog, it mentioned OpenID but the link was to
>> register for
>> federated login.  I thought Shibboleth was about federated login
>> and OpenID
>> was about letting any RP log into an IDP.  Why does an RP have to
>> register
>> with Google before using its IDP?  And even if it registered, that
>> can't
>> automatically make "google.com" discoverable, so this doesn't feel
>> like
>> OpenID at all to me.
>>
>> Unhappy, but hoping someone can explain it to me.
>> On Wed, Oct 29, 2008 at 9:02 AM, Eric Sachs <esachs at google.com>
>> wrote:
>>>
>>> Google's IDP is now live.  You can try it on Plaxo, ZoHo, & Buxfer
>>> and
>>> hopefully more RPs to come soon.  Here is the blog post with more
>>> details,
>>> including information on how RPs can sign up to use the service:
>>>
>>>
>>> http://google-code-updates.blogspot.com/2008/10/google-moves-towards-single-sign-on.html
>>>
>>> And yes, it does allow RPs to request a user's E-mail address via
>>> AX as an
>>> option.  I'll let Joseph Smarr from Plaxo respond with details on
>>> how they
>>> are using that feature to further simplify the signup flow for
>>> Plaxo.
>>> Eric Sachs
>>> Product Manager, Google Security
>>> _______________________________________________
>>> general mailing list
>>> general at openid.net
>>> http://openid.net/mailman/listinfo/general
>>>
>>
>>
>> _______________________________________________
>> general mailing list
>> general at openid.net
>> http://openid.net/mailman/listinfo/general
>>
>>
>
>
>
> --
> --Breno
>
> +1 (650) 214-1007 desk
> +1 (408) 212-0135 (Grand Central)
> MTV-41-3 : 383-A
> PST (GMT-8) / PDT(GMT-7)
> _______________________________________________
> general mailing list
> general at openid.net
> http://openid.net/mailman/listinfo/general

_______________________________________________
general mailing list
general at openid.net
http://openid.net/mailman/listinfo/general



More information about the general mailing list