Hi Andi, It started as an internal library so it's advanced to 1.1 level and 2.0 is getting there. I had posted a Zend_Service_Yadis proposal for the purpose (mainly as a standalone element since OpenID adopted it but isn't specific to it) which should have tweaked someone by now. I've been aware of Wez's patch - he had commented on the original proposal on my blog. Having the god awfully slow DH in openssl with PHP 5.3 will be great.
It's almost a curse when two groups have piled ahead duplicating effort on such a library. The code I have is intended to be open sourced so it seemed a natural fit given I've been using the framework so much. Hindsight being so easy, I wish this had been disclosed before now. It's a little frustrating that mine has been informally proposed to the list, discussed, blogged about several times, posted again to the openid list as a heads up, and the Yadis portion even formally proposed on the ZF Wiki and still nobody working on this effort picked up on it. It's been sitting in plain sight since late February; a google search for "zend framework openid" sticks me out like a sore thumb for the whole of page one. That's the extent of my venting for today ;). While I'm very disappointed something so obvious was missed, C'est juste la vie. Under the assumption this is an officially sponsored effort I withdraw my proposal and will assume the same for Zend_Service_Yadis and the other components noted in my email. I now just need to rethink how it enters the open source ecosystem outside the framework. I have invested a too much time to its development to just let it sit on a handful of servers as a write-off. I will of course offer feedback on Dmitry's proposal when it's published. I have had tons of feedback myself since starting my own proposal effort and having a well designed PHP5 library (or two apparently ;)) was a popular need. Best of luck, Pádraic Pádraic Brady http://blog.astrumfutura.com http://www.patternsforphp.com ----- Original Message ---- From: Andi Gutmans <[EMAIL PROTECTED]> To: Pádraic Brady <[EMAIL PROTECTED]>; Zend Framework General <[email protected]> Cc: Dmitry Stogov <[EMAIL PROTECTED]> Sent: Saturday, June 16, 2007 6:29:18 AM Subject: RE: [fw-general] The road to Zend_Service/Auth_Openid DIV { MARGIN:0px;} Hi Padraic, I didn't realize you have been working on this (I must have missed the post). We have already made very good progress in implementing both OpenId 2.0 compliant client and server. This includes patches to ext/openssl (for future inclusion in PHP) and for those who don't get the updated version both GMP and BCMath support (you are right the latter is awefully slow). Dmitry (cc'ed) has been spearheading this and is just working on posting a proposal on the Wiki. It'd be great if you can review both the proposal and give us feedback and also look at the code and see if you think there's anything we should improve. I appreciate your efforts and am looking forward to having you in the feedback loop! Best, Andi From: Pádraic Brady [mailto:[EMAIL PROTECTED] Sent: Friday, June 15, 2007 3:45 PM To: Zend Framework General Subject: [fw-general] The road to Zend_Service/Auth_Openid Hi all, As posted a few months back, I had started working on a PHP5 OpenID library that I wished to port to the framework since it seemed a reasonable addition given our web app focus. Given the complexity of OpenID as a distributed authentication service there are numerous components. Each by itself is actually not that hard, most of the problem is putting them together with a solid set of integration tests. These include wrappers for large integer (> 32 bits) libraries since bcmath alone is awfully slow for this compared to gmp, cryptographic algorithms, and even a separate extensible web service (already proposed on the wiki). The list of possible sub-components that could feasibly get started with include: Zend_Service_Yadis Zend_Crypt_DiffieHellman Zend_Crypt_Rsa Zend_Crypt_Hmac Zend_Crypt_Xtea Zend_Math_BigInteger An actual Zend_Service_Openid would need all of the above as well as general file parsers. I was looking for an opinion as to whether these are acceptable as individual proposals. It seems to make sense rendering OpenID into it's reusable constituent parts rather lumping everything (and inevitably burying/hiding it) into the Openid namespace. I don't want to go spamming the wiki with 6+ proposals until I get a little feedback either :). Any thoughts/comments on this, or OpenID in the ZF in general, are appreciated. :) The primary goal is to implement OpenID 1.1 and 2.0 to the extent necessary to authenticate. The basis of an OpenID server can be considered after. Paddy Pádraic Brady http://blog.astrumfutura.com http://www.patternsforphp.com Food fight? Enjoy some healthy debate in the Yahoo! Answers Food & Drink Q&A. ____________________________________________________________________________________ Pinpoint customers who are looking for what you sell. http://searchmarketing.yahoo.com/
