[OpenID] OpenID based on email addresses... Just Works!

David Fuelling sappenin at gmail.com
Thu Oct 30 18:27:20 UTC 2008 

On Thu, Oct 30, 2008 at 6:18 PM, Martin Atkins <mart at degeneration.co.uk>wrote:

> David Fuelling wrote:
>
>>
>> That's not what I mean.  Instead, I'm talking about any particular
>> device's ability to "do something" with an OpenID URL.  For example, most
>> "devices" (be it Tivo, iPhone, Blackberry, etc) already have some sort of
>> support for a URL (I could be way off here, but I think this is accurate).
>>  My thinking is that it should be easier to allow my Blackberry to support
>> OpenID since it's just a URL, and arguably my Blackberry can already "do
>> stuff" with a URL -- it already has a library that can talk HTTP to an
>> endpoint based on the URL.  So, adding openid to my blackberry is actually
>> more "easy" (pardon my grammar) with URLs -- the resolvability is of an URL
>> is already built-in to a lot of devices.
>> However, most of these devices don't natively know how to "resolve" a
>> mailto: link into a URL.    It would require extra device-native
>> software.  My point really centers around the assumption that since many
>> devices can already natively handle URL's (in the sense that they can
>> resolve them using HTTP) then OpenID should be easier to implement on these
>> devices if an OpenID is a URL.  Trying to get all these devices to support a
>> new form of "link", as it were in the form of a mailto: would seem to be
>> more difficult, if I'm thinking pragmatically.
>>
>
> You need additional software to support OpenID discovery whatever URL
> scheme is in play. There's more to OpenID discovery than just "fetch the
> URL". This is why we have OpenID Consumer libraries!
>
> Even if EAUT (as it currently stands) were used, you still need some code
> to actually parse the email address and do the EAUT step.
>
>
This is true if the device is doing native OpenID or OAuth.  In that case,
my arguement is less valid, since we'll need native software on the device
for these protocols anyway.  But if I'm writing a native iPhone app (for
example), then it's one less piece of "code" to worry about if I don't have
to be able to handle mailto: schemes, or any other future scheme too.  I can
just write an OpenID/OAuth library, and maybe a EAUT library, and I'm good
to go.  I don't have to write additional code to handle each new OpenID
"type" as it comes along.

It's not a bulletproof argument, but something to consdier.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-general/attachments/20081030/cc588411/attachment-0002.htm>

More information about the general mailing list