Monday, November 20, 2006

OpenID ceremony

Paul Toal's blog allows readers to use an OpenID for their authentication mechanism.

The ceremony differs from the typical one. A user who wishes to use an OpenID URI (as opposed to authenticating with a local account) is asked/allowed to specify the identity provider at which they maintain that URI, in addition to the URI itself (see graphic).

It's not clear to me why a user would need both to supply the URI and to indicate the IDP through the select list.

It would make sense to me if the user was allowed to either pick their IDP from the list OR enter their own URI - the former being valid if the user wants the 'delayed binding' model of persona selection (this would be valid but seemingly antithetical to the supposed OpenID freewheeling trust model where an RP isn't expected to show any selectivity in its 'favours').

I tried not providing a URI to see if I'd get sent to LiveJournal regardless, but the OpenID authentication on Paul's site isn't working.

1 comment:

Pamela said...

And then there are the inames. I can't figure out when exactly I get to start using my iname to authenticate, and if I do, do I still need to specify a provider? I remember from IOS Santa Clara that inames & open IDs are merging for OpenID 2.0, I just can't figure out if that means now, or soon... luckily I get to ask all these types of questions at IIW in a few weeks :)