Comments on: OpenID as True Single Signon http://singpolyma.net/2007/01/openid-as-true-single-signon/ Sun, 06 Jul 2008 19:49:22 +0000 http://wordpress.org/?v=2.5.1 By: Stephen Paul Weber http://singpolyma.net/2007/01/openid-as-true-single-signon/#comment-52855 Stephen Paul Weber Tue, 30 Nov 1999 00:00:00 +0000 http://singpolyma.net/wordpress/2007/01/openid-as-true-single-signon/#comment-52855 That's a Blogger thing and exactly what OpenID angles to solve. Personally, I think they store none of it and KNOW the blog owner can't see it :) That's a Blogger thing and exactly what OpenID angles to solve. Personally, I think they store none of it and KNOW the blog owner can't see it :)

]]> By: jp http://singpolyma.net/2007/01/openid-as-true-single-signon/#comment-52828 jp Tue, 30 Nov 1999 00:00:00 +0000 http://singpolyma.net/wordpress/2007/01/openid-as-true-single-signon/#comment-52828 My concern - Is that for example on Blogger, when you look at the Page Info on the comment it has a tab with forms and WTF all of my personal info is on there, email, password, etc. How much of this can be seen by the owner of the blog if you post anonymously or use a nickname. How much is silently stored by blogger when you post a comment. Could it be used to trace anonymous comments back to the source? My concern -
Is that for example on Blogger, when you look at the Page Info on the comment it has a tab with forms and WTF all of my personal info is on there, email, password, etc. How much of this can be seen by the owner of the blog if you post anonymously or use a nickname. How much is silently stored by blogger when you post a comment. Could it be used to trace anonymous comments back to the source?

]]> By: Efendi http://singpolyma.net/2007/01/openid-as-true-single-signon/#comment-986 Efendi Tue, 30 Nov 1999 00:00:00 +0000 http://singpolyma.net/wordpress/2007/01/openid-as-true-single-signon/#comment-986 Micro Persuasion have <a href="http://www.micropersuasion.com/2007/01/blog_platforms_.html">some article</a> about OpenID too :) Micro Persuasion have some article about OpenID too :)

]]> By: Singpolyma http://singpolyma.net/2007/01/openid-as-true-single-signon/#comment-987 Singpolyma Tue, 30 Nov 1999 00:00:00 +0000 http://singpolyma.net/wordpress/2007/01/openid-as-true-single-signon/#comment-987 @function Rasqual Twilight - Obviously for a Firefox extension/similar you wouldn't want to blindly give your OpenID to every site you visited (probably anyway).<br /><br />RE Cookie/UA - As I explained cross-site cookies are impossible, this is for more than browsers only (likely) and sending either a 'fake' cookie or UA is unnecessarily complicated. GET works... and it's already being used with the almost-standard field name openid_url... I'm just suggesting that EVERY page on a site accept the GET param that they are ALREADY accepting on the login page... @function Rasqual Twilight - Obviously for a Firefox extension/similar you wouldn't want to blindly give your OpenID to every site you visited (probably anyway).

RE Cookie/UA - As I explained cross-site cookies are impossible, this is for more than browsers only (likely) and sending either a 'fake' cookie or UA is unnecessarily complicated. GET works… and it's already being used with the almost-standard field name openid_url… I'm just suggesting that EVERY page on a site accept the GET param that they are ALREADY accepting on the login page…

]]> By: Rasqual Twilight http://singpolyma.net/2007/01/openid-as-true-single-signon/#comment-988 Rasqual Twilight Tue, 30 Nov 1999 00:00:00 +0000 http://singpolyma.net/wordpress/2007/01/openid-as-true-single-signon/#comment-988 It would be interesting, provided that:<br />* It is ruled-based, preferably with a whitelist of applicable domains or subd.<br />* Why not send in a cookie or in the user-agent string? It would be interesting, provided that:
* It is ruled-based, preferably with a whitelist of applicable domains or subd.
* Why not send in a cookie or in the user-agent string?

]]>