OpenID Single-Sign-Off

Kristopher Tate kris at
Fri Jul 1 10:26:44 PDT 2005

Hello everyone,

A common problem that is now arising is that once we have logged on, 
how do we effortlessly log-out of each OpenID consumer?

 From my response in Once more, LJ valid_to timespan :

> On Level9's WebKit, after we have extended to a site that xyz user is 
> logged-in, if xyz user decides to log-out of any Level9 WebKit service 
> or <>, Our servers will go to each site and tell the sites 
> that xyz user has logged out. We do this via XMLRPC, but it could 
> easily be implemented via http-post. We need a mode that logs users 
> out.

Mr. Richard Russo's response on the same topic:

> [...] allows plenty of time for me to log out of livejournal, and my 
> roomate to get on my computer and use some other site pretending to be 
> me.  And maybe not even realize it.  (If we're friends, and we both go 
> to the same meme site because one of our common friends suggested it). 
>  Since OpenID provides single sign on (effectively), it's not 
> unreasonable for users to expect single sign off.

Either way, I think it is time for us to think about Single-Sign-Off.


More information about the yadis mailing list