Martin v. Löwis wrote:
Fred can use his own OpenID ‘fred.example.org’, initially set up behind
the scenes to delegate to ‘bigcorp.example.com’ as the provider. Any
time he likes, Fred can *change* which provider is actually used for
authentication, without changing his OpenID. PyPI gets to find out which
provider Fred is using for the identity ‘fred.example.org’ each time it
performs discovery on that identity, not before.
Does that actually work? What actual OpenID provider allows me to claim
'fred.example.org' as my OpenID? Sure, one can use authentication
delegation, by means of the openid.delegate link. However, that still
doesn't make the claimed identifier fred.example.com, but
bigcorp.example.com/fred.
So the only thing users gain with delegation is that they don't need
to remember the tedious URL that their provider assigns them. When they
switch providers, their claimed ID will still change, and they'll have
to reregister in all services they use.
No, the whole point of delegation is that I can use voidspace.org.uk as
my openid - backed with any provider I want. I can then use
voidspace.org.uk as my openid and not be tied to any provider.
I'm afraid the PyPI implementation of openid is useless to me too - I
want to use voidspace.org.uk as my openid but it doesn't let me.
All the best,
Michael
Please correct me if I'm wrong.
Regards,
Martin
_______________________________________________
Python-Dev mailing list
Python-Dev@python.org
http://mail.python.org/mailman/listinfo/python-dev
Unsubscribe:
http://mail.python.org/mailman/options/python-dev/fuzzyman%40voidspace.org.uk
--
http://www.ironpythoninaction.com/
http://www.voidspace.org.uk/blog
_______________________________________________
Python-Dev mailing list
Python-Dev@python.org
http://mail.python.org/mailman/listinfo/python-dev
Unsubscribe:
http://mail.python.org/mailman/options/python-dev/archive%40mail-archive.com
