Seamless site-to-site account creation and login via OpenID

Drummond Reed drummond.reed at cordance.net
Thu Aug 24 19:25:45 UTC 2006 

Tony,

 

So if I understand this (fascinating) scenario, what you're really talking
about is the capability for any site A to dynamically begin serving as a
"proxy" IdP for a user to another trusted site B, simply by issuing a URL
for accessing site B that points back to site A as the OpenID IdP.

 

Do I have that right?

 

If so, that's both really cool, and - possibly - a little scary, because the
user may not expect/want site A to act in that proxy IdP capacity.

 

What do folks think?

 

=Drummond (i-name: =drummond.reed, http://xri.net/=drummond.reed) 

 

  _____  

From: yadis-bounces at lists.danga.com [mailto:yadis-bounces at lists.danga.com]
On Behalf Of Tony
Sent: Thursday, August 24, 2006 1:21 AM
To: yadis at lists.danga.com
Subject: Seamless site-to-site account creation and login via OpenID

 

Thus far I've only read about OpenID and tried it out with some scant
services.  However as far as I can tell, the process of creating an account
and logging in to a trusted "partner" site could be made completely
automated, correct? 

Example:

User has an account on Web Site A.  User logs into Site A and a session
cookie is set.

User wants to access a service on Site B which is part of Site A's trusted
network of partner sites.

User requests Site B's feature on Site A.  Site A directs the user to Site
B, passing their OpenID XRI for Site A to Site B.

Site B would then contact Site A based on the OpenID to verify User's
identity.  Site B would then issue an HTTP redirect for the user to a
specially designed landing URL. 

When User's browser hits the landing URL, Site A checks the session cookie
and sets up the trust relationship with Site B.

As far as I can tell, this can be 100% seamless and behind the scenes,
provided the user has 1) already logged into Site A and 2) Site A and B
trust each other enough to use OpenID in this manner. 

Correct, or am I missing something?

Tony Arcieri
ClickCaster.com

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.danga.com/pipermail/yadis/attachments/20060824/befdd765/attachment.html

More information about the yadis mailing list