hatman: HatMan, my alter ego and face on the 'net (Default)
»

Just for the heck of it...

([personal profile] hatman Mar. 12th, 2008 06:48 am)
Ask me anything, and you will get an answer. Ask about me, ask about something you think I might know, ask... anything. Seriously or otherwise. Whatever you want. You will get an answer. In most cases, that answer will have something to do with the question. In some cases, it may even make sense! (I'll do my best, anyway. Depending on the question.)

You can ask me directly, or, if you've got a quarter handy, you can ask my buddy...


Flat | Top-Level Comments Only
ext_3159: HatMan (Default)
Date: 2008-03-18 07:32 pm (UTC)

From: [identity profile] pgwfolc.livejournal.com

Re: OT - comment test


Okay, done some looking, and no one really seems to want to answer the question of just how it works. Or, if they do, that answer got lost in a sea of technobabble which, frankly, is over my head. There are mentions of different protocals and such, newer versions...

But there's also an article which says this:

* Anybody can use their own technical innovations within the OpenID framework, even if they replicate, or compete, with the OpenID specifications themselves.

This latter points is worth repeating: if tomorrow, for example, you decide you don't like the Diffie-Hellman cryptographic key exchange at the root of OpenID authentication, you can develop your own way of authenticating, and deploy it within the OpenID framework. If you have an idea for a new identity-related service that nobody else ever thought of, you can deploy it into the OpenID framework as soon as your code is ready. This radical decentralization on all levels of the stack, both technically and organizationally, is a very strong catalyst for attracting innovators and their innovations. This makes OpenID a superior choice for identity-related innovation.


Which, if I'm reading it, means that it works the way the OID provider in question chooses to make it work.

I think, basically... You have a server which acts as an "identity provider." The URL of that provider is included in the sign-on. The site where you're trying to use OID contacts the provider using the protocol of choice, and the provider verifies that you are logged in with that ID for the current browser session.

The specifics, like I said, seem to vary... and are also more technical than I can really keep up with.
Flat | Top-Level Comments Only
.

Profile

hatman: HatMan, my alter ego and face on the 'net (Default)
hatman

Most Popular Tags

Page Summary

Active Entries

Style Credit

Expand Cut Tags

No cut tags