[wp-hackers] Adoption of OpenID
Jason S
jason at zenenet.com
Sat Oct 22 19:59:46 GMT 2005
Hey everyone.
Per Podz, it was suggested that I might be able to make a little bit
more noise on the list as opposed to the support forum.
Having said that, crossposted from http://wordpress.org/support/topic/47536
__________________________________
Based off the searchs, looks like this hasn't been an incredibly often
discussed topic.
First off, yes, I am well aware of
http://www.scatmania.org/archives/2005/08/06/openid-for-wordpress/ but I
would like to expand the idea to Wordpress Core, Wordpress MU, and
(subsequently) wordpress.com
It's really great that I can signup at LiveJournal, and talk to my
friends there, and they'll definitively know it's me by my user.
Then it's great to sign up at DeadJournal and do the same.
Then MySpace, then Xanga, oh, and let's not forget to sign up for a
TypeKey identity so the spam crazy MT users will actually recieve my
comments, and on and on and on.
This opens up the known problems:
Lost username/password.
Shared passwords everywhere (in many cases).
Taken usernames/frustrated users.
Privacy concerns, and the list goes on.
My key suggestions are for:
1) OpenID support to be professionally integrated into CORE Wordpress.
There's a lot of blogs I come across, even more so thanks to Google
BlogSearch. And I don't like leaving anonymous comments, and I don't
like registering places JUST to comment (probably once!).
2) OpenIDs to be given to ALL wordpress.com users. Having said this,
that means of course that OpenID has to be integrated into Wordpress MU
as well (duh?).
Upsides:
* NO MORE REGISTRATIONS!
Anyone with a domain and the ability to host a 2K HTML file can have an
OpenID at their own domain, without having to set up an OpenID server.
How? By delegating their ID out to another OpenID server.
For now, vxjasonxv.com is delegated to LiveJournal, because I have an
account there (and they adopted it... because, well, the founder of LJ
created OpenID!)
For example, this is in my index.html page.
<html>
<head>
<title>My Homepage</title>
<link rel="openid.server"
href="http://www.livejournal.com/openid/server.bml" />
<link rel="openid.delegate" href="http://vxjasonxv.livejournal.com/" />
</head>
<body>
...
* One Account, One Password, so many sites.
Password authentication is done by taking you back to your OpenID server
with two steps:
1) Ensuring you're logged in. And prompting you to log in if you're not.
2) Confirming that you wish to send your identity to the site requesting it.
The absolute most important part is that you DO NOT GIVE YOUR OPENID
PASSWORD ON A SITE OTHER THAN YOUR OPENID SERVER.
They don't need your authentication information, only your identity
information that your OpenID server will send to them.
If Wordpress would allow me to use this on my own domain, for myself,
and not 'delegated around the web', I would be using Wordpress 100% of
the time IN A HEARTBEAT.
I don't already only because PHP support of OpenID is not 100% there.
Videntity.org provides libs, but not the page construction to communicate.
Scatman's implementation needs some touchups and additional features to
manage your own identity on external sites (I think).
I would REALLY like to see this more widely adopted.
For more information you can see;
The OpenID Homepage < http://openid.net >
Videntity.org (a openid account/social networking site) <
http://videntity.org >
My Original OpenID Rant (@LiveJournal) <
http://vxjasonxv.livejournal.com/448635.html >
My videntity OpenID profile < http://videntity.org/profile/vxjasonxv.com >
Check it out, wontcha?
More information about the wp-hackers
mailing list