Comments for EnThinnai Blog http://blog.enthinnai.com Blog by EnThinnai Team Members Sat, 17 May 2008 03:21:39 +0000 http://wordpress.org/?v=2.2.2 Comment on OpenID Providers that Don’t Consume are not Evil by Aswath http://blog.enthinnai.com/2008/03/24/openid-providers-that-dont-consume-are-not-evil/#comment-1056 Aswath Thu, 27 Mar 2008 21:11:40 +0000 http://blog.enthinnai.com/2008/03/24/openid-providers-that-dont-consume-are-not-evil/#comment-1056 Phil: I didn't realize that OpenIDs derived from wordpress.com is failing to be recognized. Let me to do some exploring and will let you know. It is a best current practice for Relying Parties to associate multiple OpenIDs with a single account. this way when one OpenID fails for whatever reason users are not locked out of service. In this respect many RPs, including EnThinnai, is defunct. I also would strongly recommend that you should use <a href="http://wiki.openid.net/Delegation" rel="nofollow">OpenID delegation </a>of one of your pages. This way you can maintain the URL of that page to be your OpenID and can change the OpenID provider to maintain full availability. Phil:

I didn’t realize that OpenIDs derived from wordpress.com is failing to be recognized. Let me to do some exploring and will let you know.

It is a best current practice for Relying Parties to associate multiple OpenIDs with a single account. this way when one OpenID fails for whatever reason users are not locked out of service. In this respect many RPs, including EnThinnai, is defunct.

I also would strongly recommend that you should use OpenID delegation of one of your pages. This way you can maintain the URL of that page to be your OpenID and can change the OpenID provider to maintain full availability.

]]> Comment on OpenID Providers that Don’t Consume are not Evil by Phil Wolff http://blog.enthinnai.com/2008/03/24/openid-providers-that-dont-consume-are-not-evil/#comment-1052 Phil Wolff Thu, 27 Mar 2008 11:26:54 +0000 http://blog.enthinnai.com/2008/03/24/openid-providers-that-dont-consume-are-not-evil/#comment-1052 I've been a wordpress.com OpenID for about six months but they recently stopped being compatible with most OpenID parsers; everywhere I go, including places I visited previously, fail to recognize my ID as valid. Is there an extension or successor to OpenID that offers a list of OpenIDs to an OpenID consumer? So that, when my provider is offline or bankrupt or discontinues the service, I can still authenticate as me? still login to my services? I’ve been a wordpress.com OpenID for about six months but they recently stopped being compatible with most OpenID parsers; everywhere I go, including places I visited previously, fail to recognize my ID as valid.

Is there an extension or successor to OpenID that offers a list of OpenIDs to an OpenID consumer? So that, when my provider is offline or bankrupt or discontinues the service, I can still authenticate as me? still login to my services?

]]> Comment on OpenID Providers that Don’t Consume are not Evil by Aswath http://blog.enthinnai.com/2008/03/24/openid-providers-that-dont-consume-are-not-evil/#comment-996 Aswath Tue, 25 Mar 2008 02:08:08 +0000 http://blog.enthinnai.com/2008/03/24/openid-providers-that-dont-consume-are-not-evil/#comment-996 Fazal: I agree that some RPs will think along the same lines, some may go even further and require physical contact. Of course there will be some who don't require much. The varied requirement is the reason to separate the authentication function and the service function. This is the fundamental contribution of OpenID. Fazal:

I agree that some RPs will think along the same lines, some may go even further and require physical contact. Of course there will be some who don’t require much. The varied requirement is the reason to separate the authentication function and the service function. This is the fundamental contribution of OpenID.

]]> Comment on OpenID Providers that Don’t Consume are not Evil by Fazal Majid http://blog.enthinnai.com/2008/03/24/openid-providers-that-dont-consume-are-not-evil/#comment-995 Fazal Majid Tue, 25 Mar 2008 01:49:52 +0000 http://blog.enthinnai.com/2008/03/24/openid-providers-that-dont-consume-are-not-evil/#comment-995 I would go further and say that because of their wide-open nature, Google, Yahoo or MSN issued OpenIDs are not worth much. All they provide to the relying party is some measure of confidence the user is a human (thereby obviating the need to participate in the CAPTCHA arms race) and provide an email without requiring the complex double-verified opt-in procedure you would have to use otherwise. OpenID only provides the first A in AAA (authentication, authorization and accounting). OpenIDs issued by eBay have more value because they are tied to a valuable trust metric, the feedback (although eBay is shooting itself in the foot with the recently introduced no-seller-feedback policy). I would go further and say that because of their wide-open nature, Google, Yahoo or MSN issued OpenIDs are not worth much. All they provide to the relying party is some measure of confidence the user is a human (thereby obviating the need to participate in the CAPTCHA arms race) and provide an email without requiring the complex double-verified opt-in procedure you would have to use otherwise.

OpenID only provides the first A in AAA (authentication, authorization and accounting). OpenIDs issued by eBay have more value because they are tied to a valuable trust metric, the feedback (although eBay is shooting itself in the foot with the recently introduced no-seller-feedback policy).

]]> Comment on Relying Parties and Adoption of OpenID by rob http://blog.enthinnai.com/2008/01/27/relying-parties-and-adoption-of-openid/#comment-403 rob Mon, 28 Jan 2008 15:31:05 +0000 http://blog.enthinnai.com/2008/01/27/relying-parties-and-adoption-of-openid/#comment-403 business model for identity providers, i would say that this is who Vidoop is. business model for identity providers, i would say that this is who Vidoop is.

]]> Comment on Relying Parties and Adoption of OpenID by Aswath http://blog.enthinnai.com/2008/01/27/relying-parties-and-adoption-of-openid/#comment-399 Aswath Mon, 28 Jan 2008 05:09:07 +0000 http://blog.enthinnai.com/2008/01/27/relying-parties-and-adoption-of-openid/#comment-399 I anticipate that there will be incidental id providers. What I mean is that just as AAA/AARP issue membership cards, they could issue OpenIDs that will provide additional significance. I could use OpenID in the ecommerce as I use the membership card in physical commerce. This way the monetization is built into the membership. I anticipate that there will be incidental id providers. What I mean is that just as AAA/AARP issue membership cards, they could issue OpenIDs that will provide additional significance. I could use OpenID in the ecommerce as I use the membership card in physical commerce. This way the monetization is built into the membership.

]]> Comment on Relying Parties and Adoption of OpenID by Johannes Ernst http://blog.enthinnai.com/2008/01/27/relying-parties-and-adoption-of-openid/#comment-398 Johannes Ernst Mon, 28 Jan 2008 04:49:53 +0000 http://blog.enthinnai.com/2008/01/27/relying-parties-and-adoption-of-openid/#comment-398 Now there just needs to be a business model for identity providers and we are all set ;-) Now there just needs to be a business model for identity providers and we are all set ;-)

]]> Comment on OpenID to the Rescue by EnThinnai Blog » Blog Archive » Relying Parties and Adoption of OpenID http://blog.enthinnai.com/2008/01/15/openid-to-the-rescue/#comment-396 EnThinnai Blog » Blog Archive » Relying Parties and Adoption of OpenID Mon, 28 Jan 2008 00:36:33 +0000 http://blog.enthinnai.com/2008/01/15/openid-to-the-rescue/#comment-396 [...] by Sun assures the relying parties that they are dealing with Sun employees. As I suggested in the previous post, schools can issue OpenIDs to its students. OpenID becomes useful if the OpenID providers mediate [...] […] by Sun assures the relying parties that they are dealing with Sun employees. As I suggested in the previous post, schools can issue OpenIDs to its students. OpenID becomes useful if the OpenID providers mediate […]

]]> Comment on Calling Card 2.0 by Joseph Poon http://blog.enthinnai.com/2008/01/13/calling-card-20/#comment-390 Joseph Poon Sat, 26 Jan 2008 12:39:57 +0000 http://blog.enthinnai.com/2008/01/13/calling-card-20/#comment-390 Hi Aswath, if you (or anyone else for that matter) would like me to send you an access key to play around with, fire me an email: josephcp at sonicdotnet. It's nothing too impressive (just from a weekend playing around), it's more about the thoughts, implications, and way-of-thinking. The main purpose of having an access key was from a discussion with friends about URL-based relationships and eliminating-spam / access-control. Thanks for the positive comments, I've also moved the page to http://id.josephcp.com/ Hi Aswath, if you (or anyone else for that matter) would like me to send you an access key to play around with, fire me an email: josephcp at sonicdotnet. It’s nothing too impressive (just from a weekend playing around), it’s more about the thoughts, implications, and way-of-thinking.

The main purpose of having an access key was from a discussion with friends about URL-based relationships and eliminating-spam / access-control.

Thanks for the positive comments, I’ve also moved the page to http://id.josephcp.com/

]]> Comment on Jeff’s Business Card in VON Spring 2008 by EnThinnai Blog » Blog Archive » Calling Card 2.0 http://blog.enthinnai.com/2007/12/22/jeffs-business-card-in-von-spring-2008/#comment-333 EnThinnai Blog » Blog Archive » Calling Card 2.0 Sun, 13 Jan 2008 06:36:55 +0000 http://blog.enthinnai.com/2007/12/22/jeffs-business-card-in-von-spring-2008/#comment-333 [...] for you. The card has maximum of five elements – name, title, company, URL and access key. I had suggested this form of calling card [...] […] for you. The card has maximum of five elements – name, title, company, URL and access key. I had suggested this form of calling card […]

]]>