[OpenID] typepads interesting service for leaving comments

Markus Sabadello markus.sabadello at gmail.com
Wed Aug 26 20:01:11 UTC 2009 

Unfortunately the freexri.com service doesn't provide a way to modify the
headers in your contact page; but you can of course configure your XRD to
point to other places than the contact page.

Markus

On Wed, Aug 26, 2009 at 7:23 PM, John Bradley <john.bradley at wingaa.com>wrote:

> Peter,
>
> The xri.net proxy is redirecting the RP's discovery to your default
> service via a http 302.  This happens to be your contact page as you have
> your XRDS configured.
>
> At that point the RP is doing HTML discovery.
> If you look at the HTML of your contact page it contains:
> <link rel="openid.server" href="https://authn.freexri.com/authentication/"
> />
> <link rel="openid2.provider" href="
> https://authn.freexri.com/authentication/" />
> <link rel="openid.delegate" href="
> http://xri.net/@!E459.819D.771.7990!5B62.6F13.7602.5176<http://xri.net/@%21E459.819D.771.7990%215B62.6F13.7602.5176>"
> />
> <link rel="openid2.local_id" href="
> http://xri.net/@!E459.819D.771.7990!5B62.6F13.7602.5176<http://xri.net/@%21E459.819D.771.7990%215B62.6F13.7602.5176>"
> />
> The RP never sees the XRDS.  You have a simple case of delegation via HTML
> tags.
> You could change your contact page to include a X-XRDS-Location or delegate
> to someplace else as you like.
> Changing your XRDS contact service will let you point to a blog or any
> other page with the correct markup to use as a openID.   However the target
> URL will become your claimed_id.
> John B.
>
> On 26-Aug-09, at 12:48 PM, openid-general-request at lists.openid.net wrote:
>
>  Date: Wed, 26 Aug 2009 08:18:33 -0700
>> From: Peter Williams <pwilliams at rapattoni.com>
>> Subject: [OpenID] typepads interesting service for leaving comments;
>>        per synonym delegation of OPs
>> To: "openid-general at lists.openid.net"
>>        <openid-general at lists.openid.net>
>> Message-ID:
>>        <BFBC0F17A99938458360C863B716FE463DCDF23913 at simmbox01.rapnt.com>
>> Content-Type: text/plain; charset="us-ascii"
>>
>>
>> http://aws.typepad.com/aws/2009/08/introducing-amazon-virtual-private-cloud-vpc.html has
>> a signin form. Rather than "sign" a comment, you just login to the
>> commenting system (and can logout). Unlike google blogging, you don't need
>> to have/retain a blog-side account.
>>
>> So, I signed in.
>>
>> First with home_pw.myopenid.com (using my good ol myopenid account).
>>
>> Second with http://xri.net/@blog*lockbox (the url form of my good ol XRI
>> from freexri.com).
>>
>> The really interesting part was the second login.
>>
>>
>> a.       The freexri.com OP UX notes the cid, and asks me to confirm that
>> this long number is my identity. ( I just said yes, like the average
>> consumer will). After all, this is all the OP knows about me, on the typepad
>> site, by design.
>>
>>
>>
>> b.      After Openid Auth is all done, the commenting form then views me
>> as: contact.freexri.com/contact/@blog*lockbox<mailto:contact.freexri.com/contact/@blog*lockbox>
>> - a URL that presumably folks can use to followup with me about my own rant
>> (seeing as the site is a messaging frontend to my (hidden) emailbox).
>>
>> Im not real competent enough in XRI and SEP selection parameters to
>> know... but I half believe that if I fiddle around with my XRD enough I -
>> the user! - can actually control the URL shown in (b).
>>
>> We are almost there! This was  viable, mainstream and has UCI (vs
>> fb-style) features that were generally comprehensible. They gave me what I
>> USED TO THINK OPENID WAS ALL ABOUT (a bit of autonomy from providers).
>>
>> It also revealed a feature that I don't understand. The XRI variant
>> identity WAS SUPPOSED to do delegation to myopenid rather than the XRI
>> server showing its own login page as an OP. And, it USED TO WORK.
>>
>> When I look at the config of my XRD (at my freexri.com site), I note:
>>
>> This i-service [openid] is bound to this specific XRI instead of its
>> authority. This means that it will not be shared by synonyms of this XRI."
>>
>> Im GUESSING that since the openid consumer focused (per the spec) on the
>> XRI cid rather than XRI synonym I used, the rules in my XRD mean that
>> typepad RP does NOT detect that I have delegation armed (for that synonym).
>>
>>
>>
> _______________________________________________
> general mailing list
> general at lists.openid.net
> http://lists.openid.net/mailman/listinfo/openid-general
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-general/attachments/20090826/121e8c14/attachment.htm>

More information about the general mailing list