Lua OpenID server implementation

Keith Howe nezroy at gmail.com
Sat Jan 21 08:07:59 UTC 2006


I have posted the initial alpha release of a Lua OpenID server
implementation. It can be found at http://luaopenid.luaforge.net/. It
(hopefully) complies with the "1.1" spec, but only supports plain-text
key exchange for shared secrets (no DH yet).

In the process I have also added a new wiki page at
http://www.lifewiki.net/openid/OpenIDFlow. This is a very verbose
coverage of the protocol for those who, like me, had no previous
exposure to it. This includes discussions about the apparent security
implications of various design elements which were not immediately
obvious to thick-headed folks such as myself.

It is not intended to replace the detailed specs. It is intended to
hopefully replace (or at least shorten) for others the process I went
through to understand the protocol in action -- namely, studying the
Perl implemenation along with the existing specs while watching
messages come in and out of my own implementation. Someday I might
even add diagrams, if enough people find it to be helpful :)

- K.Howe


More information about the yadis mailing list