Interesting stuff,<br><br>I checked the draft for 1.1 out:<br><br><a href="http://openid.net/specs/openid-simple-registration-extension-1_1-01.html" target="_blank" onclick="return top.js.OpenExtLink(window,event,this)">http://openid.net/specs/openid-simple-registration-extension-1_1-01.html
</a><br><br>As well as the main authentication specification. Also I signed up to an IdP and signed up to the OpenID Wiki as a test.<br><br>Whilst OpenID is lovely stuff it does not at the moment seem appropriate for use in the way we intend. Which is pretty much what I expected in the first place. You have to authenticate every time you go to a site thereby proving your identity. If this authentication is successful then the IdP sends the authorised personal information back to the site you are logging into.
<br><br>So the bit that clashes with what we require is the regular user interaction.<br><br>It would be nice to have an automated extension that allows a request for updated information from one verifiable OpenID to another.
<br><br>E.G.<br><br><a href="http://monkeyA.com">http://monkeyA.com</a> (A) ---> logs into his OpenID server and allows <a href="http://monkeyB.com">http://monkeyB.com</a> (B) to see one of his personas.<br><br>B ---> adds A to his contacts. B's Pim application then contacts A's OpenID server for details
<br><br>A's OpenID server contacts B's OpenID server requiring B to authenticate. Now that A's OpenID server has authenticated B it sends A's persona to B's Pim application.<br><br>I'm pretty sure there is no facility for this now. It would need to have security aspects checked and likely be an extension to the OpenID server. Initially it seems reasonable that if B can be authenticated and A has agreed to share a persona...
<br><br>Do you think this is worth pursuing with the people at OpenID?<br><br>-Pete<br><br><br><div><span class="gmail_quote">On 15/03/07, <b class="gmail_sendername">Pius A. Uzamere II</b> <<a href="mailto:pius@alum.mit.edu" target="_blank" onclick="return top.js.OpenExtLink(window,event,this)">
pius@alum.mit.edu</a>> wrote:</span><blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">
Hi there,<br><br>The latest OpenID spec provides for this using the Simple Registration (SReg) extension. This functionality is optional for consumers and servers to implement. See <a href="http://openid.net/specs/openid-simple-registration-extension-1_0.html#response_format" target="_blank" onclick="return top.js.OpenExtLink(window,event,this)">
http://openid.net/specs/openid-simple-registration-extension-1_0.html#response_format</a> for more information.<br><br>Cheers,<br><span>Pius</span><div><span><br><br><div><span class="gmail_quote">
On 3/15/07, <b class="gmail_sendername">Steven **
</b> <<a href="mailto:montgoss+openmokocommunity@gmail.com" target="_blank" onclick="return top.js.OpenExtLink(window,event,this)">montgoss+openmokocommunity@gmail.com</a>> wrote:</span><blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">
I agree on the OpenID thing. I just got my OpenID created a couple of<br>weeks ago. It's nice not relying on any one company to store you<br>information.<br><br>Does the OpenID spec allow for storing additional information besides
<br>just your password?<br><br>-Steven<br><br>On 3/15/07, Peter A Trotter <<a href="mailto:peter.trotter@gmail.com" target="_blank" onclick="return top.js.OpenExtLink(window,event,this)">peter.trotter@gmail.com</a>> wrote:
<br>> It would be ideal trying to tie this in with OpenID authentication. I've not
<br>> really had time to think this through fully but basically you would be<br>> replacing the one big store (Plaxo) with a distributed model.<br>><br>> I was about to flesh that out a little but I think everyone can see where I
<br>> am going. PIM app on phone updates contact info when required / when cheap<br>> connection is available.<br>><br>> I need to research OpenID a bit more but I'm thinking this may be a no go<br>> because you'd probably need to re authenticate to update information.
<br>><br>> Seems my brain is not really working yet this morning. I think I need more<br>> information and less speculation. I leave this as food for thought...<br>><br>> -Pete<br><br>_______________________________________________
<br>OpenMoko community mailing list<br><a href="mailto:community@lists.openmoko.org" target="_blank" onclick="return top.js.OpenExtLink(window,event,this)">community@lists.openmoko.org</a><br><a href="http://lists.openmoko.org/mailman/listinfo/community" target="_blank" onclick="return top.js.OpenExtLink(window,event,this)">
http://lists.openmoko.org/mailman/listinfo/community
</a><br></blockquote></div><br>
</span></div><br>_______________________________________________<br>OpenMoko community mailing list<br><a href="mailto:community@lists.openmoko.org" target="_blank" onclick="return top.js.OpenExtLink(window,event,this)">
community@lists.openmoko.org
</a><br><a href="http://lists.openmoko.org/mailman/listinfo/community" target="_blank" onclick="return top.js.OpenExtLink(window,event,this)">http://lists.openmoko.org/mailman/listinfo/community</a><br><br></blockquote></div>
<br>