OpenID - is it for us?
Hi Everyone,
Does anyone have any experience with OpenID?
Would this be a useful and simple way to provide cohesion within our community if one of the bigger members (GBIF, TDWG, EoL etc) acted as an Open ID provider?
I know there were presentations on Shibboleth at TDWG 2007.
http://shibboleth.internet2.edu/
OpenID seems simpler but does no authorization I believe (it is just an ID solution). Could the two be integrated for those who need to share notions of authorization...
I'd be interested to hear people's thoughts on this.
Thanks,
Roger
------------------------------------------------------------- Roger Hyam Roger@BiodiversityCollectionsIndex.org http://www.BiodiversityCollectionsIndex.org ------------------------------------------------------------- Royal Botanic Garden Edinburgh 20A Inverleith Row, Edinburgh, EH3 5LR, UK Tel: +44 131 552 7171 ext 3015 Fax: +44 131 248 2901 http://www.rbge.org.uk/ -------------------------------------------------------------
Roger, its a tricky subject. For me the biggest drawback of OpenID is that it needs as a client a browser for authentication, so it cant be used to secure webservices (openid2.0 might have improvements). Nearly any identitiy system I came across can also work as an OpenID provider by the way, CAS,Shibboleth,Google all work fine.
Markus
On 7 May, 2008, at 9:04, Roger Hyam wrote:
Hi Everyone,
Does anyone have any experience with OpenID?
Would this be a useful and simple way to provide cohesion within our community if one of the bigger members (GBIF, TDWG, EoL etc) acted as an Open ID provider?
I know there were presentations on Shibboleth at TDWG 2007.
http://shibboleth.internet2.edu/
OpenID seems simpler but does no authorization I believe (it is just an ID solution). Could the two be integrated for those who need to share notions of authorization...
I'd be interested to hear people's thoughts on this.
Thanks,
Roger
Roger Hyam Roger@BiodiversityCollectionsIndex.org http://www.BiodiversityCollectionsIndex.org
Royal Botanic Garden Edinburgh 20A Inverleith Row, Edinburgh, EH3 5LR, UK Tel: +44 131 552 7171 ext 3015 Fax: +44 131 248 2901 http://www.rbge.org.uk/
tdwg-tag mailing list tdwg-tag@lists.tdwg.org http://lists.tdwg.org/mailman/listinfo/tdwg-tag
The OpenID 2 spec says:
"OpenID Authentication uses only standard HTTP(S) requests and responses, so it does not require any special capabilities of the User- Agent or other client software."
So I guess it would be possible for web services to exploit it.
I think the problem at the moment is any site or service has to provide two methods. A traditional one and an OpenID authentication and this increases the implementation burden without much benefit.
If it was just a little more widely accepted (perhaps google and microsoft live) then I'd be tempted to do a site that required an OpenID.
Roger
------------------------------------------------------------- Roger Hyam Roger@BiodiversityCollectionsIndex.org http://www.BiodiversityCollectionsIndex.org ------------------------------------------------------------- Royal Botanic Garden Edinburgh 20A Inverleith Row, Edinburgh, EH3 5LR, UK Tel: +44 131 552 7171 ext 3015 Fax: +44 131 248 2901 http://www.rbge.org.uk/ -------------------------------------------------------------
On 7 May 2008, at 08:55, Markus Döring wrote:
Roger, its a tricky subject. For me the biggest drawback of OpenID is that it needs as a client a browser for authentication, so it cant be used to secure webservices (openid2.0 might have improvements). Nearly any identitiy system I came across can also work as an OpenID provider by the way, CAS,Shibboleth,Google all work fine.
Markus
On 7 May, 2008, at 9:04, Roger Hyam wrote:
Hi Everyone,
Does anyone have any experience with OpenID?
Would this be a useful and simple way to provide cohesion within our community if one of the bigger members (GBIF, TDWG, EoL etc) acted as an Open ID provider?
I know there were presentations on Shibboleth at TDWG 2007.
http://shibboleth.internet2.edu/
OpenID seems simpler but does no authorization I believe (it is just an ID solution). Could the two be integrated for those who need to share notions of authorization...
I'd be interested to hear people's thoughts on this.
Thanks,
Roger
Roger Hyam Roger@BiodiversityCollectionsIndex.org http://www.BiodiversityCollectionsIndex.org
Royal Botanic Garden Edinburgh 20A Inverleith Row, Edinburgh, EH3 5LR, UK Tel: +44 131 552 7171 ext 3015 Fax: +44 131 248 2901 http://www.rbge.org.uk/
tdwg-tag mailing list tdwg-tag@lists.tdwg.org http://lists.tdwg.org/mailman/listinfo/tdwg-tag
participants (3)
-
Markus Döring -
Roger Hyam -
Roger Hyam (TDWG)