Simplifying OpenId

Johannes Ernst at
Sat Jan 7 00:17:33 UTC 2006

I think this is a great example why YADIS is A Good Thing.

He figured out a different way of doing something, that appears to  
have certain advantages in certain cases (maybe certain disadvantages  
in certain other cases -- doesn't matter, it's creativity at work!  
Who are we to claim there is only One True Way to do something...)

Let's define yourself a new YADIS capability ... and you are  
instantly able to participate in the same framework. That doesn't  
mean that your new SSO can instantly be used to log into LiveJournal  
-- but it means it opens up a defined path for Relying Parties to  
recognize "your" URLs and do something smart with it...

On Jan 6, 2006, at 15:36, Rasqual Twilight wrote:

> On 1/6/06, S. Alexander Jacobson
> <alex**oid**895*dxyi*3 at 
> m>
> wrote:
>> I apologize in advance if this is a FAQ, but I just read finally took
>> the time to read through the OpenId spec more carefully and it seems
>> overly complex for what it is trying to accomplish.  Why not get rid
>> of all the complex message formats and non-opaque URLs and do
>> something like this:
>> (...)
>> 3. Consumer establishes is_user URL with server and gets back  
>> redirect URL
>>    POST http://serverURL
>>    content-type: application/x-www-form-urlencoded
>>    is_user=http://is_user_URL
>>    201 CREATED
>>    Location: http://redirect
>> (...)
>> ______________________________________________________________
>> S. Alexander Jacobson tel:917-770-6565
> I think this could work, but puts a bit more strain on the consumer
> because of the extra POST.

Johannes Ernst
-------------- next part --------------
A non-text attachment was scrubbed...
Name: lid.gif
Type: image/gif
Size: 973 bytes
Desc: not available
Url :
-------------- next part --------------

More information about the yadis mailing list