[OpenID] openID provider / server setting

Peter Williams home_pw at msn.com
Mon Apr 13 20:43:15 UTC 2015 

since someone asked, privately, here is the url that I  missed:




https://yorkporc.wordpress.com/2015/04/10/owin-debugging/




The blog is m ainly technical, since I largely stay clear of over politics. doesn't seem right to annoy one’s host - about anything too current





FYI, yes 20 years ago I was paid/influenced by NSA to have standards committees appear to be do what the agency wanted, so one could claim that society itself had countenanced some of the difficult tradeoffs between security, privacy, and spying.




This was in the days (long since gone) when the agency had two groups within itself  (those that spied on others, those that prevented others from spying).  Those days are long gone - I'm told, being an era when the social debate we need to have about the social tradeoffs still, today, used to happen “by proxy”, albeit in secret with yet conducted entirely in good faith by the two “competing “ groups within the same agency.




I had a PHD thesis (long since examined as a fail) that talked about the original openid being an opening that could address …why PKI failed and COULD ONLY fail. While the exam  of a these actually failed for reasons all to do with me (not the politics), it also failed as at that time UK academia could not countenance a world in which it didn't do (in secret) whatever the NSA (or actually GCHQ) want to be said to be reality


If Anyone cares, Id trust NSA to do the right thing (even in its secret meetings with opened vendors). Id trust GCHQ no further than I can throw a cricket ball (perhaps because I'm English).








From: Peter Williams
Sent: ‎Monday‎, ‎April‎ ‎13‎, ‎2015 ‎10‎:‎56‎ ‎AM
To: Nat Sakimura, Sam DT, openid-general at lists.openid.net





here is an example.




note how it “thinks” a bit different from folks on the standards committees, who tend to be contractors/consultant for governments and their plans for a regulated cloud world that governs all sorts of policy (from privacy, to brand protection, to IP, to fedramp logging for cyberwar), to 






I’ve always supported personal identity (which lost its way in openid world, of course, as folks failed to make any money from the public). With an AS build into the app, and external AS from multiple/ clouds, one gets some of the old opened world - where one can dump google tomorrow and EASILY use other connected services vendors - without losing any control.




well done Microsoft, for keeping in mind the personal and then the private enterprise needs as well as the public utility concept for identity management.  Tech architecture should for a world that can adapt to a hundred politics (from US/UK structured spying via “trusted” vendors, to Mr Castros more old fashioned internet monitoring, to the China national firewall… to Turkeys media censorship, to …whatever…







Sent from Windows Mail





From: Peter Williams
Sent: ‎Monday‎, ‎April‎ ‎13‎, ‎2015 ‎10‎:‎29‎ ‎AM
To: Nat Sakimura, Sam DT, openid-general at lists.openid.net






Millions of folks host ssl on 127.0.0.1.

Remember,Microsoft tools for programmers offer sample code that builds a website with an oauth2 as to do resource owner grants and account linking, for free, hosted by default on 127.0.01 with options for SSL.

Have to believe it will migrate to openid connect, as things gain traction.

I know its tempting to think of this work as huge cloud/telco vendors, selling services to governments or their crypto regulated public etc.



Sent from my Windows Phone



From: Nat Sakimura
Sent: ‎4/‎13/‎2015 2:49 AM
To: Sam DT; openid-general at lists.openid.net
Subject: Re: [OpenID] openID provider / server setting




I am terribly sorry that I have missed your message. 

A regular OP needs to serve over HTTPS. Thus, it cannot serve over 127.0.0.1, if that is what you mean by a locally hosted.  
Instead, you can use Self-Issued provider, which you can find the info at: 

http://openid.net/specs/openid-connect-core-1_0.html#SelfIssued





Cheers, 




Nat Sakimura





On Sat, Mar 21, 2015 at 5:19 PM Sam DT <samdt3263 at gmail.com> wrote:


Hi,

I want to make my own local host an openID provider for the purpose of a class assignment.
The relying party that i have configured should redirect the user to my localhost page where i have hosted the server for authentication.
Can you tell me if this is possible using any openID library?

I should be very thankful

_______________________________________________
general mailing list
general at lists.openid.net
http://lists.openid.net/mailman/listinfo/openid-general
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-general/attachments/20150413/46a7a0e1/attachment.html>
-------------- next part --------------
_______________________________________________
general mailing list
general at lists.openid.net
http://lists.openid.net/mailman/listinfo/openid-general
-------------- next part --------------
_______________________________________________
general mailing list
general at lists.openid.net
http://lists.openid.net/mailman/listinfo/openid-general
-------------- next part --------------
_______________________________________________
general mailing list
general at lists.openid.net
http://lists.openid.net/mailman/listinfo/openid-general

More information about the general mailing list