[OpenID] Naive doubt
SitG Admin
sysadmin at shadowsinthegarden.com
Wed May 27 17:07:52 UTC 2009
>I have recently started playing around with openID implementations
>and have a doubt.
>Maybe I have not understood the idea very well. Please someone help me here.
It looks like you have a good understanding of the idea,
implementations "in the wild" just haven't reached that stage yet.
Yahoo, for instance, doesn't let users log in with OpenID yet; some
other sites will let you log in with OpenID, but not associate that
identifier with your existing account.
In the future, Relying Parties should let users attempt login with
arbitrary (of their own choice) OP's and accept this in place of the
current 'password'; RP's *may* (likely) whitelist OP's they trust to
vouch for the user's identity depending on the risk; and my
(personal) hope is that, even with whitelisting, arbitrary (other)
OP's will still be allowed to "login" for less than a full account
(demo or partial functionality; messaging services, for example,
where I don't create a full Yahoo account but I can communicate with
those who have).
-Shade
More information about the general
mailing list