Dynamic Delegate Identity?
Martin Atkins
mart at degeneration.co.uk
Sat Sep 2 20:21:26 UTC 2006
Ben Hyde wrote:
>
> Rather than provide an openid.delegate of, say,
> http://wikitravel.org/en/User:Downtown on my open id url page
> www.cozy.org/chum wouldn't it be preferable if I provided
> http://wikitravel.org/en/OpaqueUser:13452342152?
>
Can't this just use the new support for entering your IDP's URL rather
than your own URL? You'd just say (for example):
<openid:Delegate>http://www.myidentityprovider.com/</openid:Delegate>
...and then, presumably, everything would proceed as if the user had
entered http://www.myidentityprovider.com/ as the identity in the first
place, except of course that the "primary key" for that user would end
up being the delegating URL rather than the IDP-generated URL.
>
> ps. I'm a bit unclear on why openid.delegate is required.
>
The primary use case is for people who host their own domains to be able
to use their domains for OpenID identity URLs without having to run
their own IDP. It is also useful in that it provides a layer of
abstraction allowing users to switch identity providers without losing
their identity, in a similar fashion to "vanity address" email
forwarding services.
Of course, Delegate is of limited interest to someone who is
intentionally using a different identity for each site. It's aimed at
people who actually *want* services to know who they are! :)
More information about the yadis
mailing list