[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[WEB SECURITY] (Yadis) yet another distributed identity system

From: Jeremiah Grossman <jeremiah@xxxxxxxxxxxxxxx>
Subject: [WEB SECURITY] (Yadis) yet another distributed identity system
Date: Fri, 20 May 2005 07:56:39 -0700

OpenID (http://www.danga.com/openid/), developed by the creators LiveJournal, is another attempt at a single sign-on system. The system is similar TypeKey and Password, but focused more towards blogs and promises to actually be "distributed".

"An OpenID-enabled site/blog lets you authenticate using your existing login from your homesite (whether that's on your own server or a hosted service) without giving away your password to the 3rd-party site you're visiting, or making a new account there, or giving away your email address. And it's secure, and can run entirely in the browser without extensions, without moving between pages."

The overview mentions the possible use of SAML, which might be of interest to the conversation of about placing XML services in Ajax thread.

There is also a demo available using Ajax:
http://www.danga.com/openid/demo/demo.html

and detailed system specifications:
http://www.danga.com/openid/specs.bml

Enjoy.


---------------------------------------------------------------------
The Web Security Mailing List
http://www.webappsec.org/lists/websecurity/

The Web Security Mailing List Archives
http://www.webappsec.org/lists/websecurity/archive/

Prev by Date: RE: [WEB SECURITY] honeymonkeys, client honeypots
Next by Date: Fwd: Re: [WEB SECURITY] (Yadis) yet another distributed identity system
Previous by thread: [WEB SECURITY] Re: Validating new PHP code [DEAD]
Next by thread: Fwd: Re: [WEB SECURITY] (Yadis) yet another distributed identity system
Index(es):
- Date
- Thread

Brought to you by http://www.webappsec.org
Search this site