Sunday, April 1, 2007

open id thoughts

I joined the dot net open id group over at Google code.

I am interested in a C# open id implementation, but more specifically trying to figure out whether there would be an easier way of making it part of a smart client application.

As i posted there. ...

One thing that i'd like to hear more thoughts on is Open ID in a smart
client enviroment - fundamentally because of the trust mechanism it
uses we have to be redirected to the provider and then redirected back
to the consumer.

However, surely an extensible mechanism should be considered
here to allow trusted Open ID providers to provide authentication? A trusted
open id client could call the web services of an open id provider
directly (or proxied via the owner of the application).

I'd love to be able to add open id to my client app and the general
thoughts around it at the moment are "that's not what it's for/how it
is supposed to work" - which is kinda odd for something the is so
fundamental as an identity solution.

No comments: