[OpenID] Question About OpenID

Sun Jun 14 00:01:15 UTC 2009

Blogger is a very weak OP and RP.  It's buggy all over the place in my
experience.  I'd change your XRDS to point to something other than Blogger
as your OP.
--
Andrew Arnott
"I [may] not agree with what you have to say, but I'll defend to the death
your right to say it." - S. G. Tallentyre

On Sat, Jun 13, 2009 at 2:39 PM, Peter Williams <pwilliams at rapattoni.com>wrote:

> So lets do it.
>
> goto blogspot and create a blog. Mine is called openid2.
>
> goto freexri.com and login.
>
> Put http://openid2.blogspot.com/ (or your equivalent) in the lowest input
> box, to start binding your google credentials to your delegation. FreeXRI
> and blogspot perform websso, and I get a freexri session.
>
> The freexri site allows you to (a) choose a name in some community (b) bind
> a password, for account recovery (lest Google lock you out for 2 weeks while
> one negotiates with their account reps).
>
> in the auth settings, choose
>
> I already have an OpenID. I want =@blog*bloggerlock<mailto:=@blog*bloggerlock>
> to point to my existing OpenID:
>
> and delegate back now to http://openid2.blogspot.com/ (in my case).
>
> once the name is registered (move over facebook...), click advanced, and
> retain your canonical id. Mine is
> @!E459.819D.771.7990!8a24.bb1b.d12d.071b (note the form, with the leading
> =!).
>
> Using your =!...  value rather than mine (or Andrews), create a snippet of
> the form:
>
> <meta http-equiv='X-XRDS-Location' content='
> https://xri.net/@!E459.819D.771.7990!8a24.bb1b.d12d.071b?_xrd_r=application/xrds%2Bxml;sep=false'
> />
>
> Then follow Andrew's blog entry counsel on putting XRDS metadata in the
> blogspot area. Logged into Blogspot using Google Account credentials, apply
> Layout->HTML editing, and add the snippet just after the <head> tag.
>
> Got to facebook now, and sign up (it pings an email account...). In
> accounts settings in a newly provisioned account, set a linked id, and enter
> http://openid2.blogspot.com/.
>
> Facebook will not cooperate with an openid provider v1.1. Sigh.
>
> so, go to plaxo instead, and use the openid signin, citing (for me)
> http://openid2.blogspot.com/.
>
> This says: Unable to redirect to the specified OpenID provider: failed to
> perform curly request [URL using bad/illegal format or missing URL].
>
>
>
> If I just enter https://xri.net/@!E459.819D.771.7990!8a24.bb1b.d12d.071bat plaxo, this redirects to blogger, which correctly complains (I suppose)
> that:
>
>
>
> Your blog is not supported for use as an OpenID URL. Please check the
> following:
>
>  *   Is your blog externally hosted? OpenID is only supported for blogs
> hosted on Blogger.
>  *   Was the URL (http://xri.net/openid2.blogspot.com) spelled correctly?
>
>
> (not sure where the http://xri.net/openid2.blogspot.com comes from, tho.)
>
>
>
> now, the XRD that freexri creates by default is not EXACTLY configured as
> Andrew configured his XRD, in his aspx (or 1id config). This may account for
> matters. Or, are we running into namespace controls (correctly): that OP can
> only speak for XRI authorities for which they in turn HAVE authority (to
> speak)?
>
> I dont see why an OP cannot discover - for the XRI case - the user's XRD
> itself, note the users delegation of namespaces, and determine that it has
> the right AND - from browser trust - current authorization to speak for a
> "delegated-synonym"
> ________________________________
> From: general-bounces at openid.net [general-bounces at openid.net] On Behalf Of
> Andrew Arnott [andrewarnott at gmail.com]
> Sent: Friday, June 12, 2009 9:50 PM
> To: Tyler Romeo
> Cc: general at openid.net
> Subject: Re: [OpenID] Question About OpenID
>
> I think what you're looking for is what OpenID calls delegation.
>  Delegation includes the ability to take several OpenIDs issued by several
> providers and tie them into just one identifier that you can always use,
> even as your set of Providers change.
>
> I have a couple of blog posts that tell you how to do it:
>
> Part 1:
> http://blog.nerdbank.net/2008/07/how-i-have-taken-control-of-my-own.html
> Part 2:
> http://blog.nerdbank.net/2008/07/how-i-have-taken-control-of-my-own_22.html
>
> --
> Andrew Arnott
> "I [may] not agree with what you have to say, but I'll defend to the death
> your right to say it." - S. G. Tallentyre
>
>
> On Fri, Jun 12, 2009 at 9:30 PM, Tyler Romeo <tylerromeo at gmail.com<mailto:
> tylerromeo at gmail.com>> wrote:
> Maybe somebody can help me. I started looking into OpenID a little while
> ago, and there is something that is a little confusing to me. If I have
> multiple OpenID providers that I use (because a lot of popular websites are
> making themselves providers now for whatever reason), is there any way to
> either link the different accounts or make one of them the central OpenID or
> anything similar to that idea, because it gets confusing, annoying, and
> essentially useless when all the websites I use give me an OpenID, but I
> cannot do a single login, which seems to be the general point of OpenID.
> Hopefully somebody could answer that.
>
> Thanks,
> Tyler
>
> _______________________________________________
> general mailing list
> general at openid.net<mailto:general at openid.net>
> http://openid.net/mailman/listinfo/general
>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-general/attachments/20090613/0d5236ff/attachment.htm>