Hi Padraic,
Yes it's unfortunate and had I realized I would have had Dmitry work with you
on this. I didn't know very much re: OpenId so I had no idea Yadis was
connected.
Also, I asked one of our core PHP contributors to look at this because I wanted
to make sure that if we have to extend OpenSSL for best support that we'd be
able to do that (which would be a side benefit of this project).
I'll ask Dmitry to connect with you and share the work we have done. There's a
chance there might be functionality like Yadis which we haven't implemented yet.
Best,
Andi
________________________________
From: Pádraic Brady [mailto:[EMAIL PROTECTED]
Sent: Saturday, June 16, 2007 4:13 AM
To: Andi Gutmans
Cc: Zend Framework General
Subject: Re: [fw-general] The road to Zend_Service/Auth_Openid
Hi Andi,
It started as an internal library so it's advanced to 1.1 level and 2.0
is getting there. I had posted a Zend_Service_Yadis proposal for the purpose
(mainly as a standalone element since OpenID adopted it but isn't specific to
it) which should have tweaked someone by now. I've been aware of Wez's patch -
he had commented on the original proposal on my blog. Having the god awfully
slow DH in openssl with PHP 5.3 will be great.
It's almost a curse when two groups have piled ahead duplicating effort
on such a library. The code I have is intended to be open sourced so it seemed
a natural fit given I've been using the framework so much.
Hindsight being so easy, I wish this had been disclosed before now.
It's a little frustrating that mine has been informally proposed to the list,
discussed, blogged about several times, posted again to the openid list as a
heads up, and the Yadis portion even formally proposed on the ZF Wiki and still
nobody working on this effort picked up on it. It's been sitting in plain sight
since late February; a google search for "zend framework openid" sticks me out
like a sore thumb for the whole of page one. That's the extent of my venting
for today ;).
While I'm very disappointed something so obvious was missed, C'est
juste la vie. Under the assumption this is an officially sponsored effort I
withdraw my proposal and will assume the same for Zend_Service_Yadis and the
other components noted in my email. I now just need to rethink how it enters
the open source ecosystem outside the framework. I have invested a too much
time to its development to just let it sit on a handful of servers as a
write-off.
I will of course offer feedback on Dmitry's proposal when it's
published. I have had tons of feedback myself since starting my own proposal
effort and having a well designed PHP5 library (or two apparently ;)) was a
popular need.
Best of luck,
Pádraic
Pádraic Brady
http://blog.astrumfutura.com
http://www.patternsforphp.com
----- Original Message ----
From: Andi Gutmans <[EMAIL PROTECTED]>
To: Pádraic Brady <[EMAIL PROTECTED]>; Zend Framework General
<[email protected]>
Cc: Dmitry Stogov <[EMAIL PROTECTED]>
Sent: Saturday, June 16, 2007 6:29:18 AM
Subject: RE: [fw-general] The road to Zend_Service/Auth_Openid
Hi Padraic,
I didn't realize you have been working on this (I must have missed the
post).
We have already made very good progress in implementing both OpenId 2.0
compliant client and server. This includes patches to ext/openssl (for future
inclusion in PHP) and for those who don't get the updated version both GMP and
BCMath support (you are right the latter is awefully slow).
Dmitry (cc'ed) has been spearheading this and is just working on
posting a proposal on the Wiki. It'd be great if you can review both the
proposal and give us feedback and also look at the code and see if you think
there's anything we should improve.
I appreciate your efforts and am looking forward to having you in the
feedback loop!
Best,
Andi
________________________________
From: Pádraic Brady [mailto:[EMAIL PROTECTED]
Sent: Friday, June 15, 2007 3:45 PM
To: Zend Framework General
Subject: [fw-general] The road to Zend_Service/Auth_Openid
Hi all,
As posted a few months back, I had started working on a PHP5
OpenID library that I wished to port to the framework since it seemed a
reasonable addition given our web app focus. Given the complexity of OpenID as
a distributed authentication service there are numerous components. Each by
itself is actually not that hard, most of the problem is putting them together
with a solid set of integration tests.
These include wrappers for large integer (> 32 bits) libraries
since bcmath alone is awfully slow for this compared to gmp, cryptographic
algorithms, and even a separate extensible web service (already proposed on the
wiki). The list of possible sub-components that could feasibly get started with
include:
Zend_Service_Yadis
Zend_Crypt_DiffieHellman
Zend_Crypt_Rsa
Zend_Crypt_Hmac
Zend_Crypt_Xtea
Zend_Math_BigInteger
An actual Zend_Service_Openid would need all of the above as
well as general file parsers. I was looking for an opinion as to whether these
are acceptable as individual proposals. It seems to make sense rendering OpenID
into it's reusable constituent parts rather lumping everything (and inevitably
burying/hiding it) into the Openid namespace. I don't want to go spamming the
wiki with 6+ proposals until I get a little feedback either :).
Any thoughts/comments on this, or OpenID in the ZF in general,
are appreciated. :) The primary goal is to implement OpenID 1.1 and 2.0 to the
extent necessary to authenticate. The basis of an OpenID server can be
considered after.
Paddy
Pádraic Brady
http://blog.astrumfutura.com
http://www.patternsforphp.com
________________________________
Food fight?
<http://answers.yahoo.com/dir/index;_ylc=X3oDMTFvbGNhMGE3BF9TAzM5NjU0NTEwOARfcwMzOTY1NDUxMDMEc2VjA21haWxfdGFnbGluZQRzbGsDbWFpbF90YWcx?link=ask&sid=396545367>
Enjoy some healthy debate
in the Yahoo! Answers Food & Drink Q&A.
<http://answers.yahoo.com/dir/index;_ylc=X3oDMTFvbGNhMGE3BF9TAzM5NjU0NTEwOARfcwMzOTY1NDUxMDMEc2VjA21haWxfdGFnbGluZQRzbGsDbWFpbF90YWcx?link=ask&sid=396545367>
________________________________
Yahoo! oneSearch: Finally, mobile search that gives answers
<http://us.rd.yahoo.com/evt=48252/*http://mobile.yahoo.com/mobileweb/onesearch?refer=1ONXIC>
, not web links.
