Seemless Single Signon

Martin Atkins mart at
Fri May 20 06:53:52 PDT 2005

Sam Ruby wrote:
> Nothing is shared between sites.
> There is no need to involve my server during the composition of my request.
> Everything necessary to compose a message which is signed with 
> information unique to my server can be done locally, in javascript.
> And it can all be done with out any user interaction.

Sorry. I misunderstood what you were saying. It is true that the 
signature request can happen without making any kind of request to the 
consumer site in the presence of some OpenID-specific code in the 
browser. That is what the "Browser Login Plugin" thread was all about, 
in fact. My post at the head of that thread essentially proposed what 
you are proposing, albeit with a different user interface and discovery 


A form naming convention would serve the same purpose as the HEAD 
metadata I proposed, if perhaps making it a little harder to "discover" 
the necessary information.

The only part that cannot currently be automated is the approval on the 
ID server. For that to work, there would need to be some kind of 
protocol for the plugin/bookmarklet/filter/whatever to tell the ID 
server behind the scenes that the site is approved. Of course, this must 
be designed with an appropriate amount of care to avoid websites 
pre-approving a user themselves.

More information about the yadis mailing list