[OpenID] [OpenID board] Members Login broken

Peter Williams pwilliams at rapattoni.com
Mon Jan 26 16:18:06 UTC 2009 

I'll hazard a guess he used one from his own firm: http://www.startcom.org

Be interesting to discover if a "trust issue" is what underlies the sudden inability to interwork.

More generally, users of vanity URL may encounter this "suddent cessation of inteworking issue" quite often, given the nature of the consumer-initiated discovery process used by openid. There, the RP may reject the SSL cert of the vanity site, assuming as per good practice it follows up and check if the CA has issued a revocation notice. This revocation will stop discovery, and probably manifest to the user as "RP cannot use OP/openid", even though probably the certs at the delegates OPs are fine.

Lots of realworld usability issues...to work through... due to https/cert-based revocation and compromise recovery ...particularly in the delegation model of discovery.

> -----Original Message-----
> From: chris.messina at gmail.com [mailto:chris.messina at gmail.com]
> Sent: Monday, January 26, 2009 8:10 AM
> To: Peter Williams
> Cc: sappenin at gmail.com; general at openid.net
> Subject: Re: [OpenID] [OpenID board] Members Login broken
>
> Which OP is Eddy using? What did he enter into the login box?
>
> I don't have any update on open sourcing the voting software; maybe
> folks from the voting committee do?
>
> Chris
>
> On 1/26/09, Peter Williams <pwilliams at rapattoni.com> wrote:
> > One should determine why Eddy's OP suddenly ceased interoperability;
> those
> > members who use his openid service to access their membership
> benefits have
> > lost access. This is presumably a high priority matter for the
> executive,
> > seeing as subscriber paid for benefits that are presumably not now
> being
> > delivered. (Eddy's case is always interesting, because it forces
> policy and
> > practices issues into the open.)
> >
> > More generally, how are we doing on announcing the plan for releasing
> the
> > (non) open source code of the voting software?
> >
> > From: general-bounces at openid.net [mailto:general-bounces at openid.net]
> On
> > Behalf Of David Fuelling
> > Sent: Saturday, January 24, 2009 6:29 PM
> > To: board at openid.net
> > Cc: general at openid.net
> > Subject: Re: [OpenID] [OpenID board] Members Login broken
> >
> > Member Login is working for me at present.
> >
> > Also, I vote that we keep RPX if it makes financial sense to do so.
> >
> > RPX works (Eddy's case as an exception), and when RPX doesn't work --
> > there's somebody whose job it is to only worry about RPX.  Case in
> point, if
> > this was an RPX issue, then it wasn't an issue for very long, because
> > somebody was on top of it, and fixed it.
> >
> > IMHO, the foundation has other things to worry about than making sure
> the
> > website technology is working properly.  We should be paying people
> to do
> > that for core/key technology where volunteer help is either too slow,
> or
> > non-existent.
> >
> > Let's let the OpenID community members concentrate on spec-writing.
> >
> > My $0.02.
> >
> > david
> > On Sun, Jan 25, 2009 at 12:47 AM, Eddy Nigg (StartCom Ltd.)
> > <eddy_nigg at startcom.org<mailto:eddy_nigg at startcom.org>> wrote:
> > Members Login seems to be broken again, at least for me:
> >
> > https://openid.net/foundation/members/members returns
> >
> > "There was an error looking up your OpenID"
> >
> > ...besides that, I thought that we are giving up on RPX once the
> votes for
> > the board are over. What happened with that?
> > --
> > Regards
> >
> >
> >
> > Signer:
> >
> > Eddy Nigg, StartCom Ltd.<http://www.startcom.org>
> >
> > Jabber:
> >
> > startcom at startcom.org
> >
> > Blog:
> >
> > Join the Revolution!<http://blog.startcom.org>
> >
> > Phone:
> >
> > +1.213.341.0390
> >
> >
> >
> >
> > _______________________________________________
> > board mailing list
> > board at openid.net<mailto:board at openid.net>
> > http://openid.net/mailman/listinfo/board
> >
> >
>
>
> --
> Chris Messina
> Citizen-Participant &
>   Open Web Advocate-at-Large
>
> factoryjoe.com # diso-project.org
> citizenagency.com # vidoop.com
> This email is:   [ ] bloggable    [X] ask first   [ ] private

More information about the general mailing list