exactly right Chris.
and I think there's more of a chance of this happening if people use
delegation or rely on more grassroots providers. The advantage of
delegation is that you can use whatever URL you might have write access
over to redirect to your provider, but it's less likely that the URL
people have control over will be as stable as a major web app or big
openid provider. Part of the underlying principle of openid is that it's
decentralized and distributed so that you don't have to rely on big name
providers, and you're not screwed if one your providers gets hacked or
censored, and you're not locked out if the provider you've got running
off the old OLPC in your closet goes down.
phil
Christopher Patterson wrote:
One good example, although hopefully not a common use case:
One of your OpenID providers might be experiencing downtime (planned
or otherwise), but you'd still like to be able to access sites.
Chris
On Feb 23, 2009, at 11:46 AM, Luke Tucker wrote:
On Feb 23, 2009, at 12:15 PM, Philip Ashlock wrote:
Luke Tucker wrote:
Thanks Phil!
I also thought of a couple of related cases which are not yet covered:
Do you mean "not covered" by those case studies or not covered by
melkjug?
Not presently supported by the melkjug ui.
* You cannot associate a password with an username that was created
with an openid (restricted to only openid login)
* You cannot change your openid
The model for this is not to simply change an OpenID, but to add an
additional OpenID (and is covered by a couple of the examples I
documented). If for some reason you'd like to delete an OpenID, you
can do that as well, but you wouldn't change one as you might change
your email address. The ability to rely on multiple different IDs
and providers is one of the core concepts of the OpenID model. If
you're storing OpenIDs the same way you would a normal username, you
might want to reconsider because they should really be provided as a
many-to-one relationship in a database.
This would probably would take more shuffling to support than adding
one to an existing account, but still not very difficult.
I get the having-many-identities part of OpenID, but I guess I only
understand it in the context of different identities for different
contexts / that those identities can be fused and split as you see
fit using using a proxy providers and so forth?
I guess I hear you to a certain extent here, but within one
application context I'm not sure I totally follow... Can you give me
an example of a specific reason for having more than one openid
assigned to a single user simultaneously in melkjug?
- Luke
-phil
- Luke
On Feb 23, 2009, at 11:40 AM, Philip Ashlock wrote:
Looks like I never clicked send for this last week:
---
I documented some examples of UI for associating an openid with an
existing account
http://www.flickr.com/photos/philaestheta/tags/associateopenid/
and found a few cases of associating an account with an existing
openid (eg if someone uses openid to create an account):
http://www.flickr.com/photos/factoryjoe/415701438/in/set-72157600010029792/
http://www.flickr.com/photos/factoryjoe/425802569/in/set-72157600010029792/
Regarding openid for mobile:
• skitch has an example of using a proxy account for an openid
so you can use a username/password for the desktop app (not the
ideal solution considering it breaks the utility of openid) -
http://www.flickr.com/photos/philaestheta/3295629585/
• The OpenID mobile experience, part II
• Valimo Wireless Introduces Mobile Authentication for OpenID
- February 16, 2009
-phil
Joshua Bronson wrote:
Hey Phil,
Thanks for the report. I've ticketed it at
http://trac.openplans.org/melkjug/ticket/342. Feel free to ticket
any other issues you have there or just let me know and I can do
it if you prefer.
I think it shouldn't be too hard to allow an openid to be
associated with an existing account logicwise; we'd just have to
come up with the UI for it. Melkjug currently has no 'manage your
account' type page, so maybe this should either wait until it
needs to grow one, or maybe we could simply add an 'add your
openid' to the user home page. Thoughts?
Josh
On Wed, Feb 18, 2009 at 1:43 AM, Philip Ashlock
<[email protected]> wrote:
I think the problem I've had with OpenID on melkjug is that I
can't associate an OpenID with my existing account. If i simply
try to login with openid, I receive the error message "unable to
authenticate". It seems that I'm able to create a new account by
simply using openID which is awesome as it's common for many
services to force you to first create a normal account and then
have you associate an openid with it.
Should i ticket this somewhere?
-phil
--
Archive:
http://www.openplans.org/projects/melkjug/lists/melkjug-development-list/archive/2009/02/1235412650296
To unsubscribe send an email with subject "unsubscribe" to
[email protected]. Please contact
[email protected] for questions.
--
Archive:
http://www.openplans.org/projects/melkjug/lists/melkjug-development-list/archive/2009/02/1235513367027
To unsubscribe send an email with subject "unsubscribe" to
[email protected]. Please contact [email protected]
for questions.
