This link has been bookmarked by 167 people . It was first bookmarked on 25 Oct 2006, by jonathan@katzman com.
-
03 Sep 15
-
30 Aug 15
-
02 Sep 14
-
allows users to be authenticated by certain co-operating sites (known as Relying Parties or RP) using a third party service
-
users can log into multiple unrelated websites without having to register with their information over and over again
-
use those accounts to sign onto any website which accepts OpenID authentication
-
Users create accounts by selecting an OpenID identity provider,
-
identity provider
-
OpenID acceptor (the "relying party")
-
user attributes
-
OpenID 2.0
-
An end-user is the entity that wants to assert a particular identity. A relying party (RP) is a web site or application that wants to verify the end-user's identifier. Other terms for this party include "service provider" or the now obsolete "consumer". An identity provider, or OpenID provider (OP) is a service that specializes in registering OpenID URLs or XRIs. OpenID enables an end-user to communicate with a relying party. This communication is done through the exchange of an identifier or OpenID, which is the URL or XRI chosen by the end-user to name the end-user's identity. An Identity provider provides the OpenID authentication (and possibly other identity services). The exchange is enabled by a User-agent, which is the program (such as a browser) used by the end-user to communicate with the relying party and OpenID provider.
-
a web site or application that wants to verify the end-user's identifier
-
wants to assert a particular identity
-
identity provider
-
OpenID enables an end-user to communicate with a relying party.
-
An Identity provider provides the OpenID authentication (and possibly other identity services
-
relying party
-
relying party then requests the HTML resource identified by the URL and reads an HTML link tag to discover the OpenID provider's URL
-
elying party discovers the OpenID provider URL by requesting the XRDS document
-
two modes
-
relying party requests that the OpenID provider not interact with the end-user.
-
checkid_immediate
-
nd-user communicates with the OpenID provider via the same user-agent used to access the relying party.
-
checkid_setup
-
ssociate handle
-
relying party
-
OpenID provider
-
establish a shared secret,
-
an OpenID provider prompts the end-user for a password or some cryptographic token, and then asks whether the end-user trusts the relying party to receive the necessary identity details
-
-
13 Jun 14
-
First, the relying party and the OpenID provider (optionally) establish a shared secret, referenced by an associate handle, which the relying party then stores. If using the
checkid_setupmode, the relying party redirects the end-user's user-agent to the OpenID provider so the end-user can authenticate directly with the OpenID provider. -
The method of authentication may vary, but typically, an OpenID provider prompts the end-user for a password or some cryptographic token, and then asks whether the end-user trusts the relying party to receive the necessary identity details.
-
If the end-user accepts the OpenID provider's request to trust the relying party, then the user-agent is redirected back to the relying party along with the end-user's credentials. That relying party must then confirm that the credentials really came from the OpenID provider.
-
After the OpenID has been verified, authentication is considered successful and the end-user is considered logged in to the relying party under the identity specified by the given OpenID
-
-
07 Dec 13
-
open standard that allows users to be authenticated by certain co-operating sites
-
Relying Parties or RP
-
provides a framework for the communication that must take place between the identity provider and the OpenID acceptor
-
neither services nor the OpenID standard may mandate a specific means by which to authenticate users
-
extension to the standard
-
OpenID Attribute Exchange
-
transfer of user attributes, such as name and gender
-
OpenID
-
also refer to an identifier as specified in the OpenID standard
-
does not rely on a central authority to authenticate a user's identity
-
managed by some 'OpenID provider'
-
unique URI
-
-
enables an end-user to communicate with a relying party
-
communication is done through the exchange of an identifier or OpenID
-
relying party (RP
-
end-user is the entity that wants to assert a particular identity
-
site or application that wants to verify the end-user's identifier.
-
exchange is enabled by a User-agent
-
OpenID provider (OP)
-
service that specializes in registering OpenID URLs or XRIs
-
program (such as a browser) used by the end-user to communicate with the relying party and OpenID provider
-
that provides an option to specify an OpenID
-
end-user interacts with a relying party
-
end-user typically has previously registered an OpenID
-
relying party typically transforms the OpenID into a canonical URL form
-
relying party discovers the OpenID provider URL by requesting the XRDS document
-
OpenID 2.0
-
called the Yadis document
-
content type
application/xrds+xml -
document may be available at the target URL and is always available for a target XRI
-
two modes in which the relying party may communicate with the OpenID provider
-
checkid_immediate
-
relying party requests that the OpenID provider not interact with the end-user
-
relayed through the end-user's user-agent
-
end-user communicates with the OpenID provider via the same user-agent used to access the relying party
-
checkid_setup
-
checkid_immediatemode can fall back to thecheckid_setupmode if the operation cannot be automated -
elying party and the OpenID provider (optionally) establish a shared secret
-
eferenced by an associate handle
-
relying party redirects the end-user's user-agent to the OpenID provider so the end-user can authenticate directly with the OpenID provider
-
relying party then stores
-
If using the
checkid_setup -
OpenID provider prompts the end-user for a password or some cryptographic token
-
asks whether the end-user trusts the relying party to receive the necessary identity details
-
If the end-user declines
-
redirected back to the relying party with a message indicating that authentication was rejected
-
user-agent is redirected back to the relying party along with the end-user's credentials
-
If the end-user accepts
-
relying party must then confirm that the credentials really came from the OpenID provide
-
If the relying party and OpenID provider had previously established a shared secret
-
can validate the identity of the OpenID provider by comparing its copy of the shared secret against the one received along with the end-user's credentials
-
stores the shared secret between sessions
-
relying party is called stateful
-
must make one more background request
-
stateless or dumb relying party
-
check_authentication
-
ensure that the data indeed came from the OpenID provider
-
elying party typically then stores the end-user's OpenID along with the end-user's other session information
-
user needs to register an OpenID identifier with an identity provider
-
To obtain an OpenID-enabled URL
-
user can also use an existing URL under their own control (such as a blog or home page) as an alias or "delegated identity"
-
-
15 Jul 12
-
facilitates the transfer of user attributes, such as name and gender, from the OpenID identity provider to the relying party (each relying party may request a different set of attributes, depending on its requirements
-
The term OpenID may also refer to an identifier as specified in the OpenID standard; these identifiers take the form of a unique URI, and are managed by some 'OpenID provider' that handles authentication
-
-
30 Apr 12
-
The OpenID standard provides a framework for the communication that must take place between the identity provider and the OpenID acceptor (the ‘relying party’).
-
An extension to the standard (the OpenID Attribute Exchange) facilitates the transfer of user attributes, such as name and gender, from the OpenID identity provider to the relying party (each relying party may request a different set of attributes, depending on its requirements)
-
OpenID protocol does not rely on a central authority to authenticate a user's identity
-
to communicate with a Relying party (RP)
-
OpenID enables an End-user
-
service provider
-
-
An Identity provider or OpenID provider (OP), which is a service that specializes in registering OpenID URLs or XRIs, provides the OpenID authentication
-
The exchange is enabled by a User-agent, which is the program (such as a browser) used by the end-user to communicate with the relying party and OpenID provider
-
-
22 Mar 12
-
Thus nonces only protect against passive attackers but cannot prevent active attackers from executing the replay attack.[32]
-
-
10 Dec 11
Simon RousseauCeci est un standard décrivant les mécanismes permettant à un usager de s'authentifier de façon décentralisé.
-
Simon RousseauCeci est un standard décrivant les mécanismes permettant à un usager de s'authentifier de façon décentralisé.
-
02 Oct 11
-
07 Apr 11
-
-
27 Mar 11
-
21 Mar 11
-
18 Jan 11
-
14 Nov 10
-
12 Nov 10
-
23 Sep 10
-
02 Sep 10
-
21 Jul 10
-
13 Jul 10
-
21 Jun 10
Swaentje Tillogvoor de pagina's van Fred
-
13 Jun 10
-
30 Apr 10
-
OpenID is an open, decentralized standard for authenticating users which can be used for access control, allowing users to log on to different services with the same digital identity where these services trust the authentication body. OpenID replaces the common log on process that uses a login-name and a password, by allowing a user to log in once and gain access to the resources of multiple software systems
-
An OpenID is in the form of a unique URL, and is authenticated by the user's 'OpenID provider' (that is, the entity hosting their OpenID URL).[1] The OpenID protocol does not rely on a central authority to authenticate a user's identity. Since neither the OpenID protocol nor websites requiring identification may mandate a specific type of authentication, non-standard forms of authentication can be used, such as smart cards, biometrics, or ordinary passwords.
-
-
-
17 Apr 10
-
18 Mar 10
-
allowing a user to log in once and gain access to the resources of multiple software systems.
-
-
07 Mar 10
-
29 Oct 09
Luca Filipozzi* Athens access and identity management
* Central Authentication Service
* DataPortability
* XRI
* Identity 2.0
* Information Card
* Liberty Alliance
* Light-Weight Identityopenid authentication identity security wikipedia web2.0 web development iam
-
29 Jul 09
-
- Yahoo! allows users to use their Yahoo! IDs as OpenIDs starting January 31, 2008.[43]
- Userstyles.org, the CSS repository for Stylish
- SourceForge
- Google[44]
- Luxsci is both an OpenID consumer and provider.
- Facebook now allows an existing account to have an OpenID associated as an alternative login method.
- In 2.0 RC1.1, Simple Machines Forum allows the administrator to allow registration using an OpenID.
Some of the companies (especially the biggest ones) which did enable OpenID have been criticized for being a provider of OpenID identities to third-party websites, without being an OpenID consumer and allowing credentials of another website to work with their own websites. (For example, logging into Yahoo through Windows Live credentials).[45]
-
-
10 Jun 09
-
28 May 09
-
23 Apr 09
-
13 Mar 09
-
26 Feb 09
-
30 Oct 08
-
03 Oct 08
-
19 Aug 08
-
30 Jun 08
-
19 May 08
-
14 May 08
-
23 Apr 08
-
18 Apr 08
tresingI didn't know that Yahoo users can use their accounts as openid. I'll have to try this on a livejournal blog at home.
-
04 Apr 08
-
17 Mar 08
-
27 Feb 08
-
19 Feb 08
-
01 Feb 08
-
20 Jan 08
-
25 Dec 07
-
13 Nov 07
-
12 Nov 07
-
30 Oct 07
-
16 Oct 07
-
05 Oct 07
-
04 Oct 07
-
-
05 Sep 07
-
25 Aug 07
-
12 Aug 07
-
03 Aug 07
-
29 Jul 07
-
09 Jul 07
-
13 Jun 07
-
03 Jun 07
-
OpenID is a decentralized single sign-on system. Using OpenID-enabled sites, web users do not need to remember traditional authentication tokens such as username and password. Instead, they only need to be previously registered on a website with an OpenID "identity provider", sometimes called an i-broker. Since OpenID is decentralized, any website can employ OpenID software as a way for users to sign in; OpenID solves the problem without relying on any centralized website to confirm digital identity.
OpenID is increasingly gaining adoption amongst large sites, with organizations like AOL acting as a provider. In addition, integrated OpenID support has been made a high priority in Firefox 3[1] and Microsoft is working on implementing OpenID 2.0 in Windows Vista.[2]
-
-
25 May 07
-
22 May 07
-
20 May 07
Steven VerjansImportant development in the world of authentication & authorisation
openid identity authentication web2.0 for:wallbanger for:tomwambeke for:henryhermans elo2b
-
04 May 07
-
11 Apr 07
christopherritterOpenID is a decentralized single sign-on system. On OpenID-enabled sites, Internet users do not need to register and manage a new account for every site before being granted access.
-
16 Mar 07
-
23 Feb 07
-
22 Feb 07
-
29 Jan 07
allesmallachenOpenID is a decentralized digital identity system, in which any user's online identity is given by URI (such as for a blog or a home page) and can be verified by any server running the protocol.
-
28 Jan 07
-
19 Jan 07
-
12 Jan 07
-
09 Jan 07
-
28 Dec 06
-
21 Dec 06
-
14 Dec 06
-
09 Dec 06
-
05 Dec 06
-
20 Nov 06
-
16 Nov 06
-
10 Nov 06
-
29 Oct 06
Gary BurgeOpenID is a decentralized digital identity system, in which any user's online identity is given by URL (such as for a blog or a home page) or an XRI (such as an i-name or i-number), and can be verified by any server running the protocol.
-
25 Oct 06
-
21 Oct 06
-
20 Oct 06
Tarek AmrOpenID is a simple identification mechanism originally developed by Brad Fitzpatrick of LiveJournal and is now largely being developed by David Recordon of VeriSign, JanRain, and Dick Hardt of Sxip. It is a distributed, decentralized network, in which any
AAA Authentication OpenSource Web2.0 Wikipedia Blog Internet Security Technology
-
beattakeshi"It is a distributed, decentralized network, in which any user's online identity is given by URL (such as for a blog or a home page) or an XRI (such as an i-name), and can be verified by any server running the protocol."
-
18 Oct 06
-
15 Sep 06
-
23 Jun 06
-
22 Jun 06
Adam CroweOpenID is a simple identification mechanism in which your identity is a URL. On OpenID-enabled sites, Internet users don't need to create and manage a new account for every site before being granted access. Instead, only one authentication with a trusted
-
23 Feb 06
Would you like to comment?
Join Diigo for a free account, or sign in if you are already a member.