Seamless site-to-site account creation and login via OpenID

Tony bascule at gmail.com
Thu Aug 24 19:36:29 UTC 2006


Yes, that's correct.  The idea is to have a partner network of a number of
sites that all trust each other, and allow any user of any site in the
partner network to move around the network utilizing various services which
are tied to an account on that site.

- Tony


On 8/24/06, Drummond Reed <drummond.reed at cordance.net> wrote:
>
>   Tony,
>
>
>
> So if I understand this (fascinating) scenario, what you're really talking
> about is the capability for any site A to dynamically begin serving as a
> "proxy" IdP for a user to another trusted site B, simply by issuing a URL
> for accessing site B that points back to site A as the OpenID IdP.
>
>
>
> Do I have that right?
>
>
>
> If so, that's both really cool, and – possibly – a little scary, because
> the user may not expect/want site A to act in that proxy IdP capacity.
>
>
>
> What do folks think?
>
>
>
> =Drummond (i-name: =drummond.reed, http://xri.net/=drummond.reed)
>
>
>  ------------------------------
>
> *From:* yadis-bounces at lists.danga.com [mailto:yadis-bounces at lists.danga.com]
> *On Behalf Of *Tony
> *Sent:* Thursday, August 24, 2006 1:21 AM
> *To:* yadis at lists.danga.com
> *Subject:* Seamless site-to-site account creation and login via OpenID
>
>
>
> Thus far I've only read about OpenID and tried it out with some scant
> services.  However as far as I can tell, the process of creating an account
> and logging in to a trusted "partner" site could be made completely
> automated, correct?
>
> Example:
>
> User has an account on Web Site A.  User logs into Site A and a session
> cookie is set.
>
> User wants to access a service on Site B which is part of Site A's trusted
> network of partner sites.
>
> User requests Site B's feature on Site A.  Site A directs the user to Site
> B, passing their OpenID XRI for Site A to Site B.
>
> Site B would then contact Site A based on the OpenID to verify User's
> identity.  Site B would then issue an HTTP redirect for the user to a
> specially designed landing URL.
>
> When User's browser hits the landing URL, Site A checks the session cookie
> and sets up the trust relationship with Site B.
>
> As far as I can tell, this can be 100% seamless and behind the scenes,
> provided the user has 1) already logged into Site A and 2) Site A and B
> trust each other enough to use OpenID in this manner.
>
> Correct, or am I missing something?
>
> Tony Arcieri
> ClickCaster.com
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.danga.com/pipermail/yadis/attachments/20060824/db0c2077/attachment.htm


More information about the yadis mailing list