openId - sorua
mart at degeneration.co.uk
Tue Jul 12 11:28:55 PDT 2005
Michael Platzer wrote:
> * OpenId defines the Identity to be a Uri, sorua defines it as
> 'AuthServer + Username' (e.g. twoday.net:michi).
> Does that mean that i *need* to have a blog/uri, to use openId? With
> sorua you could also be del.icio.us:klemens or flickr.com:jürgen
> (non-ascii!). Over here in Europe not everybody got a blog :-) Still the
> Server can associate a url with my Identity by passing along 'url:...'
> in the verification response.
There's no reason why the thing at your URL has to be a weblog. At my
identity URL I just have an HTML page with my name on it. TypeKey's
identity URLs are (I assume) going to be the OpenID profile page. To use
some of your examples, there's no reason why del.icio.us couldn't run an
identity server to support URLs of a given form in their domain, such as
mart.del.iciou.us or http://del.iciou.us/users/mart . What does
twoday.net:michi actually map to? What is the server's real URL?
> Another question: The example on http://www.openid.net/ says 'Hello,
> Brad! You're now logged in to someblog.com as Brad from LiveJournal'.
> How does the consumer know that i'm 'Brad' or that i come from
> 'LiveJournal', i.e. how can it determine these strings from my Identity?
I think that's really just a human interpretation rather than what the
consumer itself would say. LiveJournal (the software) displays
LiveJournal identities as "username.livejournal.com" or "username
[livejournal.com]" depending on which URL form the user entered.
However, if there are certain sites which you deal with routinely
there's not really any reason why you couldn't handle URL forms you
recognise in a special way. When the Wikipedia folks were here we were
disussing using OpenID for their inter-site auth and having their
interface pick up on their own URLs and display them in a special way.
I'll leave others to deal with your other points, as they can probably
give better answers than me.
It's quite likely that a gateway server for using a Sorua login on an
OpenID consumer or vice-versa could be constructed quite easily. I wrote
such things for TypeKey and LID a while back. (though I think they are
now broken due to the new protocol.)
More information about the yadis