Comments on: OpenID: Single sign-on and so much more

By: Mark Scrimshire

Mark Scrimshire — Tue, 20 May 2008 20:42:35 +0000

I think there is a great opportunity to advance SSO for Enterprises using OpenID SSO between business partners.

I have started putting my thoughts together on my blog:
http://ekive.blogspot.com/2008/05/openid-and-single-sign-on-across-sites.html

and on the DataPortability.org General Group: http://groups.google.com/group/dataportability-public/browse_thread/thread/9bc9be257eb28c33

I need to check my thinking to make sure it makes sense.

By: Anonymous

Anonymous — Tue, 20 May 2008 20:36:13 +0000

I have been thinking about OpenID and Single Sign On and posted thoughts at:

http://ekive.blogspot.com/2008/05/openid-and-single-sign-on-across-sites.html

and also on the Data portability group here:

http://groups.google.com/group/dataportability-public/browse_thread/thread/9bc9be257eb28c33

I think there is an opportunity to do open federated SSO that might be attractive to enterprises.

By: kveton

kveton — Tue, 23 Jan 2007 14:13:47 +0000

Hi Arioch: OpenID has been bound by HTTP because of the requirement to interact with the browser. There is much discussion going on on the mailing lists about allowing non-interactive logins with OpenID. This would enable you to use command-line clients or do things “as the user” when they are not present (although you would need their permission).

Although http://user@server is a valid URL, is it one that my grandma or 8 year-old niece understands? There is technically possible and then there is the reality of user understanding.

I’m sorry that my blog won’t allow you to post comments to it. I’ve had several other people login today with their OpenID’s and leave comments. You might want to try some of the diagnostic tools available:

http://www.openidenabled.com/openid/openid-tools

http://www.openidenabled.com/yadis/developer-tools/yadis-diagnostic

Hope that helps!

By: Arioch

Arioch — Tue, 23 Jan 2007 11:37:34 +0000

http://openid.net/wiki/index.php/WishList#Feature_requests.3F

See comments from annonymous.

Why OpenId is to be bound solely within http ?

And still http://user:password@server is a possible URL.
Just make http://user@server (with empty password) redirect to some profile page - though it need specific settings of www server.

BTW, my Website is an open-id, but this blog ignores it :-(

By: kveton

kveton — Tue, 23 Jan 2007 01:52:42 +0000

But its not a destination in the web sense. How would you put your hCard or iCal information at that address?

dkearns@gmail.com is ambiguous as well. Is it an email? A jabber address?

By: Dave Kearns

Dave Kearns — Tue, 23 Jan 2007 01:41:45 +0000

Last I looked, Scott “dkearns@gmail.com” was both unique and addressable. And a lot older than OpenID…