[OpenID] Myopenid ax

[Peter Williams]

Delegate was probably the wrong term. Host a "private label op", would probably be a better term, borrowing from the world of hosted pkis. Myopenid has evidently built a multi tenant op, from what I can tell, much like we did in mls land: one sass pool of server side functions: 100+ configurations - one per tenant.

Pbwiki as a sp are obviously trying to go the same way, but I suspect their openid integration was not designed for the multi tenant model (from my trials, with wiki.openid.net).

-----Original Message-----
From: Martin Atkins <mart at degeneration.co.uk>
Sent: Tuesday, January 06, 2009 4:29 PM
To: general at openid.net <general at openid.net>
Subject: Re: [OpenID] Myopenid ax


Peter Williams wrote:
> Is there an op out there allowing public enrollment, and it delegates to myopenid's hosted op service?

Do you mean the myOpenID "for Domains" thing, where you point some DNS
records at myOpenID and they provide OP service for users in that domain?

I'm not sure exactly what you want, but I don't know of any OPs that
delegate to other OPs.

> Ideally it would allow me to define and populate values for my own (per user) ax atributes.

It sounds like what you'd like to do is use myOpenID to do OpenID
Authentication while doing your own AX, or at least have myOpenID store
some attributes you've defined.

I don't actually know of any providers that implement AX to the point
where arbitrary attributes can be written and returned in a later
request. Even read-only AX is only implemented by a handful of providers
right now.

Unfortunately I believe that if you want to run your own attribute
provider you'll need to also run the corresponding OpenID provider,
since the two are assumed by the spec to be the same endpoint.

_______________________________________________
general mailing list
general at openid.net
http://openid.net/mailman/listinfo/general