what has to be is stored on a consumer-app ?

Daniel E. Renfer Duck at Kronkltd.net
Thu Feb 16 18:57:39 UTC 2006


The fact that openid consumers only store your claimed identity is a
good thing. If I say that my identity is e.com/a, then that's the
identity that I wish to be known by. Anyone that has access to edit
the page at e.com/a has the power to change what server my identity
will ultimately use to authenticate me. Presumably, I'm the only one
with edit access to e.com/a, otherwise, it's not a very safe choice of
an identity. If I decide to latter switch to a different identity
server, then it is _me_ making that choice, all the websites I visit
shouldn't stop authenticating me just because I switch from
livejournal to myopenid. (which I actually did)

Daniel E. Renfer (http://kronkltd.net/)

On 2/16/06, zwiskle <zwiskle at cable.vol.at> wrote:
> Hi,
>
> I have a maybe thumb question.
>
> Think on this scenario:
>
> I am    A.livejournal.com
> Now I create on my other homepage ( e.com ) a "e.com/a" and place there
> a reference ( <link... or Yadis ) to a.livejournal.com .
> Writing now e.g. some bad comments.
> Then I _delete_ the "e.com/a" ( breaking the reference-chain ).
>
> As I've seen, ( in the realy nice example at
> http://www.biff.org.uk/dave/openid/guestbook.cgi )  the "e.com/a" is
> stored, not the "a.livejournal.com"; this is on onehand good ( if I own
> "myfirstname.mylastname.com" ) or bad as in the example above.
>
> Maybe the solution for this would be to store somehow both ( "e.com/a
> via a.livejournal.com" )
>
> Any suggestions ?
> I plan to enable openid to some of my applications as a alternative
> login method.
>
> mfg
> .klemens
>
>
> --
> zwiskle <zwiskle at cable.vol.at>
>
>


More information about the yadis mailing list