[OpenID] OpenID + Government

[Troy Benjegerdes]

> Since the architecture allows any 1 id through delegation to be different things to different assertion consumers, the only way for Yahoo (say) to comply with the assurance draft is to ELIMINATE ITS SUPPORT FOR OPENID DELEGATION (which google has already done, apparently).
> 
> We seem to be rapidly losing what openid is/was all about: user empowerment and control.

Maybe I'm missing something here, if we are really about user empowerment and control, 
where are the debian/fedora/OSX-Fink packages to allow a random user (or maybe, say
a small DOE lab research group, like http://scl.ameslab.gov) to run a full-fledged IdP
WITH delegation, and integration into desktop and email authentication systems like
Kerberos?

It seems quite hypocritical for OpenID proponents to talk about how it's all about user
empowerment and control without providing an easy-to-use open-source reference implementation
that does not require learning 'yet another' set of acronyms.


I'm really hoping that I've just missed something, and someone will point me out the FAQ
on how I can set up an OpenID IdP server in 15 minutes on my debian machines
at home and use kerberos credentials (which I already have for access my local
files, via AFS), to be able to authenticate me to my IdP.


Give me the 15 minute HOWTO, and cleanly implemented software packages, and I can probably
have this running on more than one .gov address in a month or two. (.. a case in point..
Does anyone have documentation on using an OpenID to log into a sharepoint server?? )