If there is no protection against abuse those usage number will very quickly become meaningless and it would be hard to get large OPs to invest time in pinging usage to a system that could so easily be gamed.<br><br>The only way is if OP released data publicaly, but some may consider it to be a competitively sensitive and not release data. A body like the OpenID foundation could receive monthly data from the large OP which it then anonymizes and aggregates for us. Not sure if that is within there mandate.
<br><br>-Immad<br><br><div><span class="gmail_quote">On 28/09/2007, <b class="gmail_sendername">Hans Granqvist</b> <<a href="mailto:hans@yubico.com">hans@yubico.com</a>> wrote:</span><blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">
> The number of "usages" - I assume you mean the number of RP<br>> authentication requests - to determine that figure, you'd need<br>> information from the logs of all OpenID Providers.<br><br>How about devising a dead-simple voluntary protocol where
<br>an OP (perhaps also RP) could ping, say <a href="http://openid.net/usage">http://openid.net/usage</a><br>for the sole purpose of collection of such stats?<br><br> GET /usage?op=example.com&event=n HTTP/1.1<br><br>
where n is an int defining the event (successful auth, sreg used, etc).<br><br>(Can be abused, sure. /usage can check source IP to OP for obvious<br>system gaming. Maybe that's enough of deterrent.)<br><br>Any takers? Shouldn't take more than a day or so to implement. I can
<br>help if there is anyone who can host the service.<br><br>-Hans<br>_______________________________________________<br>general mailing list<br><a href="mailto:general@openid.net">general@openid.net</a><br><a href="http://openid.net/mailman/listinfo/general">
http://openid.net/mailman/listinfo/general</a><br></blockquote></div><br><br clear="all"><br>-- <br><br>Cell: +1 617 460 7271<br>Skype: i.akhund<br>Blog: <a href="http://immadsnewworld.blogspot.com">http://immadsnewworld.blogspot.com
</a><br><br>Clickpass, CTO