[tdwg-tag] OpenID - is it for us?

Roger Hyam (TDWG) rogerhyam at mac.com
Wed May 7 10:45:40 CEST 2008 

The OpenID 2 spec says:

"OpenID Authentication uses only standard HTTP(S) requests and  
responses, so it does not require any special capabilities of the User- 
Agent or other client software."

So I guess it would be possible for web services to exploit it.

I think the problem at the moment is any site or service has to  
provide two methods. A traditional one and an OpenID authentication  
and this increases the implementation burden without much benefit.

If it was just a little more widely accepted (perhaps google and  
microsoft live) then I'd be tempted to do a site that required an  
OpenID.

Roger



-------------------------------------------------------------
Roger Hyam
Roger at BiodiversityCollectionsIndex.org
http://www.BiodiversityCollectionsIndex.org
-------------------------------------------------------------
Royal Botanic Garden Edinburgh
20A Inverleith Row, Edinburgh, EH3 5LR, UK
Tel: +44 131 552 7171 ext 3015
Fax: +44 131 248 2901
http://www.rbge.org.uk/
-------------------------------------------------------------




On 7 May 2008, at 08:55, Markus Döring wrote:

> Roger,
> its a tricky subject. For me the biggest drawback of OpenID is that  
> it needs as a client a browser for authentication, so it cant be  
> used to secure webservices (openid2.0 might have improvements).  
> Nearly any identitiy system I came across can also work as an OpenID  
> provider by the way, CAS,Shibboleth,Google all work fine.
>
> Markus
>
>
>
>
> On 7 May, 2008, at 9:04, Roger Hyam wrote:
>
>> Hi Everyone,
>>
>> Does anyone have any experience with OpenID?
>>
>> http://openid.net/
>>
>> Would this be a useful and simple way to provide cohesion within  
>> our community if one of the bigger members (GBIF, TDWG, EoL etc)  
>> acted as an Open ID provider?
>>
>> I know there were presentations on Shibboleth at TDWG 2007.
>>
>> http://shibboleth.internet2.edu/
>>
>> OpenID seems simpler but does no authorization I believe (it is  
>> just an ID solution). Could the two be integrated for those who  
>> need to share notions of authorization...
>>
>> I'd be interested to hear people's thoughts on this.
>>
>> Thanks,
>>
>> Roger
>>
>> -------------------------------------------------------------
>> Roger Hyam
>> Roger at BiodiversityCollectionsIndex.org
>> http://www.BiodiversityCollectionsIndex.org
>> -------------------------------------------------------------
>> Royal Botanic Garden Edinburgh
>> 20A Inverleith Row, Edinburgh, EH3 5LR, UK
>> Tel: +44 131 552 7171 ext 3015
>> Fax: +44 131 248 2901
>> http://www.rbge.org.uk/
>> -------------------------------------------------------------
>>
>>
>>
>>
>> _______________________________________________
>> tdwg-tag mailing list
>> tdwg-tag at lists.tdwg.org
>> http://lists.tdwg.org/mailman/listinfo/tdwg-tag
>

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.tdwg.org/pipermail/tdwg-tag/attachments/20080507/bfc91d26/attachment.html

More information about the tdwg-tag mailing list