OpenID and all the hassle goes away
Hi Mates, i'm really exited with this identity model which was around since 2005 but maybe the commercial suppory by ViriSign and others what brings it to the surface anyway..
i'm not in the place of comparing OpenID to CardSpace or any other existed paradim just hinting on how to create your own OpenID account which will help you sign-in to many web sites and the number is growing..
the idea on single sign-in was existed for a while with Yahoo, Google and Microsoft with Yahoo Single Sign-in, Google Accounts and Live Passport respectively.
What is OpenID?
OpenID is the way to sign-in/log-on any OpenID supported site without prior registration even if this is the first time you visited that site.
Why OpenID is usfull?
First you will no longer register on every site you want to use you already use your OpenID (universal passport) to log to that web site so you skip all the haslle of choosing uniqe names and dealing with diffrant password polices, also don't have to fill all this application form very time.
With OpenID (and similar paradims) you will have the peace of mind knowing that all your valuable information is store in only one secure location - Identity Provider - that you trusted.
For Developers/Site Owners?
You will benfit as you will not to have to store all the information of visitors like username, passports, emails and other info at your end and worrying about security issue which may lead you in trouble in case your database compromised.
How it works?
You will register at www.myopenid.com - Identity provider - to have your uniqe OpenID account and you good to go! yes it's that simple.
Now you can use your new universal credintial to log into any web site that support OpenID and when you do so the web site you try to log to will contact your identity provider the Identity provider in our case myOpenID - and you will be redirect to that provider - will tell you that certin web site - the one you want to log to - is requisting information like Nickname, Fullname, email.. and now you can choose weither to give these information to that website or some of these info like only the nickname and email and don't disclose your full name as some of these requists maybe optional - the requister determin - and then choose to allow these information once or automaticly - like choosing remember my password - so you can always allow this informatuion for that certin web site.
and once you have allowed the information you will be re-redirect to the web site as a logged user.
Your domain or blog address as your OpenID
This is cool and stright forword at the same time - not all cools stuff that easy - you will have couple of line in the <HEAD> tag of your default page of your blog or website.
and the same scenario applied but the identity provider will check those couple of lines and match your account.
for instant in my index.html <HEAD> tag i added those couple of lines so i can use my domain name www.adelkhalil.com as my OpenID
<link rel="openid.server" href="http://www.myopenid.com/server" />
<link rel="openid.delegate" href="http://adelkhalil.myopenid.com/" />
<meta http-equiv="X-XRDS-Location" content="http://adelkhalil.myopenid.com/xrds" />
as you see http://www.myopenid.com/server is my identity server, http://adelkhalil.myopenid.com/ is my OpenID account that i created when i registerd.
yes, at www.myopenid.com you can choose multiple persona which is like multiple profiles that you can pre prepare and give it to any requister (web site you want to log to)
Hope it's now appealing as it is to me..
That doesn't mean that this model don't have flaws but what doesn't. Daniel Renfer post about OpenID security issues .
Theres also podcast by Scott Hansleman about OpenID recommended to listen too.
UPDATE: It come to my knowalage that Microsoft will support OpenID by developing integration with CardSpace