Difference between revisions of "OpenID"

From YobiWiki
Jump to navigation Jump to search
Line 6: Line 6:
   
 
==Identity provider (OpenID provider)==
 
==Identity provider (OpenID provider)==
  +
===Service providers===
Either your own server or [http://openid.net/get/ a service provider offering the service]
 
  +
* [http://openid.net/get/ Big ones]
  +
* [http://www.readwriteweb.com/archives/flickr_to_authenticate_openid.php Flickr] should become one soon...
  +
===Be your own!===
 
* [http://siege.org/projects/phpMyID/ phpMyID] is a standalone, single user, OpenID Identity Provider.
 
* [http://siege.org/projects/phpMyID/ phpMyID] is a standalone, single user, OpenID Identity Provider.
 
===Recipes===
 
===Recipes===

Revision as of 22:33, 15 February 2008

Links

Identity provider (OpenID provider)

Service providers

Be your own!

  • phpMyID is a standalone, single user, OpenID Identity Provider.

Recipes

Relying Party (Consumer)

Mod Auth OpenID for Apache

apt-get install libapache2-mod-auth-openid

Recipes

Libraries

Security

Some are worrying about easier phishing attacks as the relying party could redirect you to another identity provider than yours.
That's why it's good to have diversity and to have your own identity provider hosted at your own server, with your own style and your own authentication method
If there will be phishing, that will occur for the big OpenID providers.
But if you're using a self-signed SSL identity server, for sure man-in-the-middle SSL attack can occur much more easily so don't rely on it!