gmane.comp.web.openid.general

[OpenID] Private Federation solution using OpenID

Matheus Eduardo Bonifacio Morais — 2012-05-08T14:18:57

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hi there,

I work for a company which is looking for a federation solution to
SaaS applications used internally by the employees. For our use case
is mandatory that the user data could keep in private and the SaaS
provider must not have access to it. I was thinking to use OpenID
because is well written and the most important part, it is an
open-standard. For what I understood by reading the protocol
specification, this is not a goal of OpenID.

I would like to know if is possible to implement that kind of solution
and If I'm not hurting the main project goals as long as I will not
allow everyone to sign-in using an OpenID compatible account.

Thanks.

- -- 

Matheus Morais
Infraestrutura de TI
Confederação SICREDI ? Porto Alegre
51 3358-4700 ramal 7190

www.sicredi.com.br
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iQEcBAEBAgAGBQJPqStQAAoJEJaxmh5NVUojoIcH/j7TLBPjfPZ1FXneJVU6

[OpenID] Announcement : the presentasion on "NetCommons add-onmodule seminer"

Toshiya TSURU — 2012-05-08T04:21:10

Hi

In my recnt work, I' ve done implementing OpenId OP/RP into NetCommons
and Mediawiki.
NetCommons is a Open Source LMS/CMS developed by NII(National
Institute of Informatics of Japan).
And Mediawiki is .... what you know, wiki system.

As a result of that work, I'll have a presentation at the seminer
named "NetCommons add-on module seminer" at 16th, Jun.
In the presentation, I'll be talking about What is OpenID, How to
implement it, and New topics about OpenID.

Does anyone has suggestions What is hot or What is new about OpenID?
please let me know.

[OpenID] How to login in gmail with my other OpenID

Mitaka — 2012-04-10T11:40:02

Hi I'm concerned with my privacy and security, so I like the idea of
OpenID accounts and I have a question:

If I have OpenID account, how I can login in gmail with it? Because I
want to use other OpenID, not the Google one...

[OpenID] Here, let me take that URL for you

SitG Admin — 2012-04-09T11:20:10

What happens if I notice someone enabling OpenID (with delegation) in 
their page's headers, but get to account creation before they do? I'm 
admittedly confused by the myopenid.com signup process (just looking 
at its first page, here), but if someone else beats me to 
registration, will myopenid.com let me create a *second* account 
which works just as well as the first? Perhaps prove my control of 
the domain through OP-supplied nonces that show up in my OpenID 
headers later, to keep Eve from simply creating another account? Is 
the myopenid.com Username configurable (it doesn't say), or am I 
forever stuck with what Eve put there? (I'm beginning to think that 
it would be simpler if we just never let me alter my page headers 
until I had signed up with a provider. But then we have to create the 
infrastructure to let OP's control what HTML code I can put on my own 
webpages, so that doesn't seem practical either. The current 
arrangement seems to be "say nothing, lest actively discouraging it 
give user

[OpenID] windows 8 tablet, and openid

Peter Williams — 2012-03-31T18:41:13


ok Ill admit that we never "deployed" openid (as an IDP). I do have a nice codeplex project that is built on the 4windows openid library, that nicely emulates myopenid. But, Ive never had "need" to use it. We will see why below.

 

As an SP, we can accept openid messages from Google, Yahoo, myopenid and openlink4webid (courtesy of the Microsoft Azure openid->ws-fedp bridge). Today, a nice demo has folks with Google crdentials using them to land on Joomla (that we properly ws-fedp enabled). Joomla plugins (wordpress and all its plugins, and JomSocial) then round out the user-centric experience.

 

Since we bought into microsoft STS (passive) concept, the path from Google to Joomla actually wanders by other STSs, transparently. these create web-sessions in passing (and control flows, or add/transform claims). For exmaple, our realty authz claims inserted by an intermediated STS are mapped onto Joomla groups - which drives the flow in what is a now a 100% claims-drive website. Since folks have a google (and

[OpenID] MyOpenID delegation stopped working

Jesus Cea — 2012-03-29T01:25:10

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Sorry for the crossposting. I am quite desperate :(.

I haven't found a MyOpenID help email to address this.


I have been using OpenID for ages, delegating from my own domain,
http://www.jcea.es/, to MyOpenID.

This delegation stopped working like two weeks ago, with the following
error message (when redirected to MyOpenID to verify my OpenID, for
example trying to login to StackOverflow):

(the page title is "Bad Request")

"""
If you use OpenID delegation, please make sure your delegation
information is set to <a
href="https://www.myopenid.com/help#own_domain">these values</a>.
"""

The <link> headers in http://www.jcea.es/ seem OK:

"""
<link rel="openid.server" href="http://www.myopenid.com/server" />
   <!-- For delegating OpenID v1.x-->
<link rel="openid.delegate" href="http://jcea.myopenid.com/" />
<!-- For delegating OpenID v1.x-->
<link rel="openid2.local_id" href="http://jcea.myopenid.com" />
<link rel="openid2.provider" href="http://www.myopenid.com/

[OpenID] OpenID in SMTP/IMAP/XMPP/etc

Simon Josefsson — 2012-03-28T19:29:19

Hi folks!

I have been working on the IETF draft for OpenID in SASL:

https://tools.ietf.org/html/draft-ietf-kitten-sasl-openid-08

and now also implemented it in GNU SASL, see this writeup:

https://lists.gnu.org/archive/html/help-gsasl/2012-03/msg00004.html

I wanted to reach out to the OpenID community to find people who want to
work on implementing/deploying this.  If you have some interest in
implementing OpenID support for your SASL-based application (SMTP, IMAP,
XMPP, etc) let me know and I will try to help.

If anyone else has implemented the OPENID20 mechanism, I would also love
to do interop testing.

Cheers,
/Simon

[OpenID] Report from OIDF Account Chooser working group andupcoming in-person workshop

Eric Sachs — 2012-03-08T20:49:30

The OIDF Account Chooser working
group<https://sites.google.com/site/oidfacwg/>that got started in
September
2011 <https://sites.google.com/site/oidfacwg/wg-charter-note> is now very
close to launching the first version of a central Account Chooser service.
 This 4 minute video shows <http://www.youtube.com/watch?v=lln11MRfpPw> it
working today and there are many demos you can try
yourself<https://sites.google.com/site/oidfacwg/cdsdemo>.
 On March 22nd we are holding a meeting of the working group in Silicon
Valley <http://acwg2012march.eventbrite.com/>, and others are invited to
participate, including by watching a live video of the
event<http://acwg2012march.eventbrite.com/>
.

This project has evolved in an unusual manner for the OIDF because it is
primarily a service, not just a specification and open source code.  So we
are very interested in feedback from the community either at that event, on
the ODIF general list, or on the working group
list<http://groups.google.com/group/oidf-account-chooser-list>.

[OpenID] Report from OIDF Marketing committe - OIDF use of socialmedia

Eric Sachs — 2012-03-08T20:48:27

Please help us get out the word that the OIDF is now starting to use social
media to better communicate what we are doing, especially to websites
owners who are still in the password business.  There is also an effort
underway to significantly update the OIDF website which will include better
promotion of those social media channels.  Until then, here are the links
you can use.  The Youtube channel in particular has been filled up with a
lot of videos, and the G+ page links to other videos hosted elsewhere as
well as information about the many upcoming OpenID events.

   - OpenID channel on Youtube<http://www.youtube.com/user/TheOpenIDFoundation>
   - OpenID page on Google+ <https://plus.google.com/114852685785546775114>


   - OpenID on Twitter <https://twitter.com/openid>
   - OpenID page on Facebook<http://www.facebook.com/pages/OpenID/15157608236>
   - OpenID group on Facebook <http://www.facebook.com/groups/2250963308>
   - OpenID group on
Linkedin<http://www.linkedin.com/groups?home=&gid=40144&trk=anet

[OpenID] Executive Committee of the 2012 Board of Directors of theOpenID Foundation

Don Thibeau — 2012-03-06T16:25:05

This is to acknowledge the election of officers and Executive Committee of the 2012 Board of Directors of the OpenID Foundation.

Last week, Nat Sakimura was reelected as Chairman of the Board. Nat continues to provide an invaluable continuity of leadership and representation for the OpenID Foundation in a wide variety of international standards organizations. Eric Sachs, Google's representative on the Board, was elected Vice Chairman. In addition to his Executive Committee responsibilities, Eric will continue to lead both the OIDF Marketing Committee and Account Chooser Work Group.  Kick Willemse, was elected as Community Liaison.  Kick will be providing the Foundation increased global awareness and much needed voice in the European marketplace. 

Kick and Eric's work with Nat will help guide important technical and adoption processes for the proposals and protocols in the OIDF pipeline; OpenID Connect - in the Implementer's draft stage, Account Chooser - ramping up for community input in 2012 and the nasc

[OpenID] Anyone know the owner of the OpenID brand pages onFacebook?

Eric Sachs — 2012-03-02T17:25:24

Does anyone know the owner of this Facebook page for OpenID:

http://www.facebook.com/pages/OpenID/15157608236

The OIDF Marketing Committee is tracking down logins for the different
social pages so we can start using them for marketing.  We noticed that
Facebook page already existed so we hoped to reuse it.

Eric Sachs
Vice Chairman, OpenID Foundation
Senior Product Manager, Google
_______________________________________________
general mailing list
general< at >lists.openid.net
http://lists.openid.net/mailman/listinfo/openid-general

[OpenID] openid connect - a high level review - thinking about what the lawyer or auditor needs

Peter Williams — 2012-02-17T11:54:58


I briefly reviewed the openid connect specs (not having seen drafts for years), a rather strange lightweight PKI spec (RFC 6125) that seemed to make rather a mess out of settled engineering material of key management, a reference to an ITU-T spec (whose text I could not read), and OAUTH v2 specs.  I looked at it all as one family - defining a new generic upper layer protocol spec. It was clearly pointless trying to comprehend the anticipated reach or inner nature of openid connect without embracing the wider context.

 

Having worked with auditors and lawyers 15 years ago to write practice disclosures and then actual contracts for the then highly-engineered and internet-centric (vs web-centric) world of TLS, OCSP, and CMS and authenticode timestamping, I asked myself: could you reduce openid connect and all its supporting architectural and dependent infrastructure references to what THEY need? (knowing well how they think, at this point). Could I get to the core model? Could I translate it into the (decla

[OpenID] OpenID Connect Implementer’s Drafts Approved

Nat Sakimura — 2012-02-17T06:25:57

Dear OpenID Fans:

The OpenID membership has approved the following specifications as OpenID
Implementer’s Drafts in the vote held from February 7th to 15th,
2012<https://openid.net/foundation/members/polls/62>
 at https://openid.net/foundation/members/polls/62:

• Basic Client Profile – Simple self-contained specification for a
web-based Relying Party. (This spec contains a subset of the information in
Messages and Standard.)
• Discovery – Defines how user and provider endpoints can be dynamically
discovered.
• Dynamic Registration – Defines how clients can dynamically register with
OpenID Providers.
• Messages – Defines all the messages that are used in OpenID Connect.
(These messages are used by the Standard binding.)
• Standard – Complete HTTP binding of the Messages, for both Relying
Parties and OpenID Providers.
• Multiple Response Type Encoding – Registers OAuth 2.0 response_type
values used by OpenID Connect.

The voting results were:

   - Approve (86 votes)
   - Disapprove

[OpenID] vote for the OpenID Connect for Implementer's Draft.

Don Thibeau — 2012-02-14T22:54:11

The vote for the OpenID Connect for Implementer's Draft closes tomorrow.

We are just a few vote shy of making the quorum. 

If you do not fully understand the draft, that's OK. Just vote abstain. 

Or you can vote "No". 

Making the quorum is what matters. 

You can vote from here: 

https://openid.net/foundation/members/polls/62


Don Thibeau
The OpenID Foundation



_______________________________________________
general mailing list
general< at >lists.openid.net
http://lists.openid.net/mailman/listinfo/openid-general

[OpenID] Please vote now in the poll to approve the OpenID Connect specs as Implementer's drafts

Mike Jones — 2012-02-14T21:30:44

If you haven't voted already, please do so now at https://openid.net/foundation/members/polls/62.  The voting period ends tomorrow.

For more information, go to http://openid.net/2012/02/07/vote-for-openid-connect-implementers-drafts-are-open/.

                                                                Thanks,
                                                                -- Mike

_______________________________________________
general mailing list
general< at >lists.openid.net
http://lists.openid.net/mailman/listinfo/openid-general

[OpenID] One-Click OpenID: A Solution to the NASCAR Problem

Francisco Corella — 2012-02-14T01:00:32

FYI:

One-Click OpenID: A Solution to the NASCAR Problem, blog post at

http://pomcor.com/2012/02/13/one-click-openid-a-solution-to-the-nascar-problem/

Comments welcome.

Francisco


Francisco Corella, PhD
Founder & CTO, Pomcor
Twitter: < at >fcorella
Blog: http://pomcor.com/blog/
Web site: http://pomcor.com_______________________________________________
general mailing list
general< at >lists.openid.net
http://lists.openid.net/mailman/listinfo/openid-general

[OpenID] OpenID Foundation 2012 Community Board Member ElectionResults

Don Thibeau — 2012-02-13T11:59:24

OpenID Foundation 2012 Community Board Member Election Results
 
Thanks to all who voted for the board members who will represent the OpenID community at large for the next two years.  Having received the two highest number of votes cast, Greg Keegstra and Axel Nennker have been elected to two years terms.  Greg is new to the board and brings a fresh eye to OpenID marketing and outreach.  Axel is a returning community board member, bringing his technical expertise in mobile identity research and an informed European perspective to the Foundation.  They join current community representatives John Bradley, Mike Jones, Nat Sakimura, and Kick Willemse, serving the second years of their terms. Their leadership, together with sustaining member company representatives; Pam Dingle of Ping Identity, Farhang Kassaei of PayPal, Tony Nadalin of Microsoft, Nico Popp of Symantec, and Eric Sachs of Google was important to the success of last years OpenID Connect Summits.
 
This is a good time to thank Brian Kissel, Chris

[OpenID] OpenID Providers Invited to Join in an NSTIC Pilot Proposal

Francisco Corella — 2012-02-10T23:58:03

FYI:
http://pomcor.com/2012/02/10/openid-providers-invited-to-join-in-an-nstic-pilot-proposal/
_______________________________________________
general mailing list
general< at >lists.openid.net
http://lists.openid.net/mailman/listinfo/openid-general

[OpenID] 2012 OpenID Foundation Director Election

Don Thibeau — 2012-01-05T20:11:09

This is a message regarding the upcoming OpenID Board of Directors election.

Chris Messina has decided not to run for re-election in 2012. I want to acknowledge the important contributions Chris has made from the beginning of the OpenID effort. As a community board representative and member of the Executive Committee, Chris has shared his considerable network, marketing expertise and strong views about user-centric identity. As Chris has said; "internet identity continues to be an unsolved problem for the mass of free (as in freedom) internet users."  

Chris's contributions act as model for others to step up to the important contributions that can be made as a community director on the OpenID Foundation Board. To be sure, leadership and collaboration with competitors on industry standards has built in challenges, especially for those representing a broad community interest. In this context the voice of the community is especially important. A concrete and recent lesson lies in the evolution to OpenID Conne

[OpenID] 2012 OpenID Foundation Director Election

Don Thibeau — 2012-01-05T20:11:09

This is a message regarding the upcoming OpenID Board of Directors election.

Chris Messina has decided not to run for re-election in 2012. I want to acknowledge the important contributions Chris has made from the beginning of the OpenID effort. As a community board representative and member of the Executive Committee, Chris has shared his considerable network, marketing expertise and strong views about user-centric identity. As Chris has said; "internet identity continues to be an unsolved problem for the mass of free (as in freedom) internet users."  

Chris's contributions act as model for others to step up to the important contributions that can be made as a community director on the OpenID Foundation Board. To be sure, leadership and collaboration with competitors on industry standards has built in challenges, especially for those representing a broad community interest. In this context the voice of the community is especially important. A concrete and recent lesson lies in the evolution to OpenID Conne

[OpenID] 2012 OpenID Foundation Director Election

Don Thibeau — 2012-01-05T20:11:09

This is a message regarding the upcoming OpenID Board of Directors election.

Chris Messina has decided not to run for re-election in 2012. I want to acknowledge the important contributions Chris has made from the beginning of the OpenID effort. As a community board representative and member of the Executive Committee, Chris has shared his considerable network, marketing expertise and strong views about user-centric identity. As Chris has said; "internet identity continues to be an unsolved problem for the mass of free (as in freedom) internet users."  

Chris's contributions act as model for others to step up to the important contributions that can be made as a community director on the OpenID Foundation Board. To be sure, leadership and collaboration with competitors on industry standards has built in challenges, especially for those representing a broad community interest. In this context the voice of the community is especially important. A concrete and recent lesson lies in the evolution to OpenID Conne