IRC Log for #openid on 2008-02-04

Timestamps are in UTC.

  1. [00:51:33] * michelp (n=michelp@69-30-72-119.dq1sf.easystreet.com) has joined #openid
  2. [01:05:58] * shigeta (n=shigeta@124.32.114.226) has joined #openid
  3. [01:39:40] <anchovyman> Anyone on this list from yahoo? I have a bug to report....
  4. [02:25:37] * flaccid_ (n=flaccid@123-243-80-114.tpgi.com.au) Quit (Connection timed out)
  5. [02:50:32] * danbri (n=danbri@adsl-67-119-199-25.dsl.pltn13.pacbell.net) has joined #openid
  6. [03:03:24] <PibbRelay> <Blueberry> You guys should get someone to update http://openid.net/get/ with yahoo
  7. [03:08:21] <PibbRelay> <ozamosi> I looked at that list today, and noticed that several of the providers that pibb provides "shortcuts" for isn't avalible on that list.
  8. [03:08:32] <PibbRelay> <ozamosi> I remember yahoo and blogger - there may have been one more.
  9. [03:10:43] * danbri (n=danbri@unaffiliated/danbri) Quit (Read error: 104 (Connection reset by peer))
  10. [03:21:35] * danbri (n=danbri@adsl-67-119-199-25.dsl.pltn13.pacbell.net) has joined #openid
  11. [03:21:52] * danbri (n=danbri@unaffiliated/danbri) Quit (Read error: 104 (Connection reset by peer))
  12. [03:22:54] * priidu_ (n=aa@220.195.52.211) Quit (Read error: 110 (Connection timed out))
  13. [03:32:36] * danbri (n=danbri@adsl-67-119-199-25.dsl.pltn13.pacbell.net) has joined #openid
  14. [03:40:34] * danbri (n=danbri@unaffiliated/danbri) Quit (Read error: 104 (Connection reset by peer))
  15. [03:41:31] * danbri (n=danbri@adsl-67-119-199-25.dsl.pltn13.pacbell.net) has joined #openid
  16. [03:42:10] * danbri (n=danbri@unaffiliated/danbri) Quit (Read error: 104 (Connection reset by peer))
  17. [03:52:34] * danbri (n=danbri@adsl-67-119-199-25.dsl.pltn13.pacbell.net) has joined #openid
  18. [03:53:31] * danbri (n=danbri@unaffiliated/danbri) Quit (Read error: 104 (Connection reset by peer))
  19. [03:58:28] * Osurac (i=mikeg@adsl-074-182-167-053.sip.hsv.bellsouth.net) Quit ()
  20. [04:03:35] * danbri (n=danbri@adsl-67-119-199-25.dsl.pltn13.pacbell.net) has joined #openid
  21. [04:04:02] * danbri (n=danbri@unaffiliated/danbri) Quit (Read error: 104 (Connection reset by peer))
  22. [04:10:18] * flaccid_ (n=flaccid@123-243-80-114.tpgi.com.au) has joined #openid
  23. [04:18:23] * danbri (n=danbri@adsl-67-119-199-25.dsl.pltn13.pacbell.net) has joined #openid
  24. [04:18:30] * danbri (n=danbri@unaffiliated/danbri) Quit (Remote closed the connection)
  25. [04:32:44] * stub (n=stub@canonical/launchpad/stub) has joined #openid
  26. [04:59:41] * forsaken (n=eric@c-71-62-234-185.hsd1.va.comcast.net) Quit (Read error: 110 (Connection timed out))
  27. [05:39:17] * _keturn (n=acapnoti@pdpc/supporter/sustaining/keturn) Quit (Read error: 110 (Connection timed out))
  28. [05:39:35] * rorek (n=rorek@c-71-236-228-127.hsd1.or.comcast.net) Quit (Read error: 110 (Connection timed out))
  29. [05:40:10] * jrbot (n=supybot@c-71-236-228-127.hsd1.or.comcast.net) Quit (Read error: 110 (Connection timed out))
  30. [05:55:36] * forsaken (n=eric@c-71-62-234-185.hsd1.va.comcast.net) has joined #openid
  31. [06:01:11] <tjohns> ozamosi: Ya, I just went through the list of shortcuts on Pibb, Blogger and Yahoo are the only ones missing
  32. [06:55:53] * rorek (n=rorek@c-71-236-228-127.hsd1.or.comcast.net) has joined #openid
  33. [06:56:15] * _keturn (n=acapnoti@pdpc/supporter/sustaining/keturn) has joined #openid
  34. [06:56:59] * jrbot (n=supybot@c-71-236-228-127.hsd1.or.comcast.net) has joined #openid
  35. [07:20:33] * polyonymous_ (n=hacker@pD9538E38.dip0.t-ipconnect.de) Quit (Read error: 101 (Network is unreachable))
  36. [07:23:35] * polyonymous_ (n=hacker@pD953AE3A.dip0.t-ipconnect.de) has joined #openid
  37. [07:57:47] * Didac (n=Nightmar@141.Red-83-45-167.dynamicIP.rima-tde.net) has joined #openID
  38. [07:58:31] * Mitsurugi (n=Nightmar@162.Red-83-61-239.staticIP.rima-tde.net) Quit (Read error: 110 (Connection timed out))
  39. [08:15:51] * idnar (i=mithrand@unaffiliated/idnar) Quit (Read error: 110 (Connection timed out))
  40. [08:22:31] * idnar (i=mithrand@unaffiliated/idnar) has joined #openid
  41. [08:58:38] * anchovyman (n=shane@nat/ibm/x-c843c211ec5fcbf4) Quit ("Trillian (http://www.ceruleanstudios.com")
  42. [09:33:21] <PibbRelay> <ahazu> Hi.. I can't seem to find anything about Single Logout when it comes to OpenID.. Is there any such functionality planned, or is this a non-issue?
  43. [09:37:21] <PibbRelay> <Martin> OpenID is currently not even full Single SignOn, it is more like 'single username and password pair'
  44. [09:37:44] <PibbRelay> <Martin> You still depend on services to do the right thing once they get your single username/password.
  45. [09:41:06] <PibbRelay> <ahazu> Thats true, but is there currently any plans or suggestions for Single Logout?
  46. [09:42:30] <PibbRelay> <Martin> AFAIK not
  47. [09:43:02] <PibbRelay> <ahazu> Ok. Thank you.. :)
  48. [09:49:38] <PibbRelay> <ahazu> Do you know of any other known "big" security issues when it comes to OpenID? Except the lack of SLO...
  49. [09:51:52] * flaccid__ (n=flaccid@123-243-80-114.tpgi.com.au) has joined #openid
  50. [09:52:14] <flaccid__> not sure if that message got through
  51. [09:52:16] <flaccid__> [20:49] <flaccid_> what qualifies as true SSO ?
  52. [10:05:58] * hillsy (i=shaunh@npfit2.dh.bytemark.co.uk) has joined #openid
  53. [10:07:01] * flaccid_ (n=flaccid@123-243-80-114.tpgi.com.au) Quit (Read error: 110 (Connection timed out))
  54. [10:07:02] <polyonymous_> flaccid_, perhaps being logged in on one site when you're logged in on the other? Without saying who you are?
  55. [10:18:24] * flaccid_ (n=flaccid@123-243-80-114.tpgi.com.au) has joined #openid
  56. [10:19:20] <polyonymous_> flaccid_, perhaps being logged in on one site when you're logged in on the other? Without saying who you are?
  57. [10:21:47] * flaccid_ thinks
  58. [10:25:25] * dazjorz (n=dazjorz@server.dazjorz.com) has left #openid
  59. [10:33:01] * flaccid__ (n=flaccid@123-243-80-114.tpgi.com.au) Quit (Connection timed out)
  60. [10:34:28] * a9913 (n=a9913@unaffiliated/a9913) has joined #openid
  61. [10:38:22] * a9913_ (n=a9913@unaffiliated/a9913) has joined #openid
  62. [10:56:04] * a9913 (n=a9913@unaffiliated/a9913) Quit (Read error: 113 (No route to host))
  63. [10:57:36] * a9913_ (n=a9913@unaffiliated/a9913) Quit ("Leaving")
  64. [11:00:24] * tjohns (n=tjohns@cpe-76-170-58-80.socal.res.rr.com) Quit ()
  65. [12:19:01] * imajes (n=james@82.211.85.236) has joined #openid
  66. [12:24:09] * stub (n=stub@canonical/launchpad/stub) Quit (Read error: 113 (No route to host))
  67. [13:03:56] * Acro (i=acro@unaffiliated/acro) Quit (Read error: 104 (Connection reset by peer))
  68. [13:10:56] * Acro (i=acro@unaffiliated/acro) has joined #openid
  69. [13:30:18] * shigeta (n=shigeta@124.32.114.226) Quit ("Leaving...")
  70. [14:34:52] * imajes_ (n=james@82.211.85.236) has joined #openid
  71. [14:41:40] * imajes (n=james@82.211.85.236) Quit (Read error: 110 (Connection timed out))
  72. [14:54:16] * imajes_ is now known as imajes
  73. [15:54:18] * michelp (n=michelp@69-30-72-119.dq1sf.easystreet.com) Quit (Read error: 104 (Connection reset by peer))
  74. [16:21:14] * flaccid__ (n=flaccid@123-243-80-114.tpgi.com.au) has joined #openid
  75. [16:35:52] * flaccid_ (n=flaccid@123-243-80-114.tpgi.com.au) Quit (Read error: 110 (Connection timed out))
  76. [16:41:11] * forsaken (n=eric@c-71-62-234-185.hsd1.va.comcast.net) Quit (Read error: 104 (Connection reset by peer))
  77. [17:12:56] <PibbRelay> <harningt> HTTPS support - is there any requirement that openid 1.1 be capable of using identities w/ https ?
  78. [17:29:35] * michelp (n=michelp@64.122.195.246) has joined #openid
  79. [17:51:46] * MrTopf (i=hidden-u@oecher.info) has joined #openid
  80. [17:56:41] * idnar (i=mithrand@unaffiliated/idnar) Quit (Connection timed out)
  81. [17:57:25] * pvandewyngaerde (n=pvandewy@119.224-240-81.adsl-dyn.isp.belgacom.be) has joined #openid
  82. [17:58:20] * idnar (i=mithrand@unaffiliated/idnar) has joined #openid
  83. [18:00:34] * pvandewyngaerde (n=pvandewy@119.224-240-81.adsl-dyn.isp.belgacom.be) Quit (Read error: 131 (Connection reset by peer))
  84. [18:02:25] * pvandewyngaerde (n=pvandewy@177.73-200-80.adsl-dyn.isp.belgacom.be) has joined #openid
  85. [18:14:15] <PibbRelay> <keturn> I consider that a requirement. I know there are plenty of deployments that don't conform to that though.
  86. [18:20:18] * Acro (i=acro@unaffiliated/acro) Quit (Read error: 110 (Connection timed out))
  87. [18:35:46] * imajes (n=james@82.211.85.236) Quit ()
  88. [19:30:52] * sheesh3 (n=sheesh3@roaming-229-145.nss.udel.edu) has joined #openid
  89. [19:32:22] <PibbRelay> <harningt> thanks, so I take it you would suggest that an 'automatic' redirect from an http://openidurl -> https://openidurl would not be good (or is there some good way to check for capability?)
  90. [19:38:03] * pvandewyngaerde (n=pvandewy@177.73-200-80.adsl-dyn.isp.belgacom.be) Quit (Remote closed the connection)
  91. [19:56:01] * imajes (n=james@87-194-107-123.bethere.co.uk) has joined #openid
  92. [19:58:07] <PibbRelay> <VxJasonxV> that is not good, because IdP lookups don't follow redirects best I remember
  93. [19:58:08] <PibbRelay> <VxJasonxV> (though they may... check the specs)
  94. [19:58:40] <PibbRelay> <VxJasonxV> ideally, the individual will link to their OpenID uri as being: https://foo.bar.url/things
  95. [19:59:01] <PibbRelay> <VxJasonxV> or, in OpenID land, they just say my url is foo.bar.url and the IdP returns the appropriate https://foo.bar.url/user address
  96. [20:00:28] * hillsy (i=shaunh@npfit2.dh.bytemark.co.uk) Quit (Remote closed the connection)
  97. [20:07:18] * sheesh3_ (n=sheesh3@roaming-229-145.nss.udel.edu) has joined #openid
  98. [20:07:48] <PibbRelay> <VxJasonxV> OpenID2* land
  99. [20:09:03] <PibbRelay> <harningt> Hrm... do you mean in the XRDS refer that the URL is an https one?
  100. [20:09:04] <PibbRelay> <harningt> if they enter foo.bar.url, then normalization will make it http://foo.bar.url/
  101. [20:09:13] <PibbRelay> <VxJasonxV> Yes, that is true
  102. [20:09:14] <PibbRelay> <VxJasonxV> https:// != http://
  103. [20:09:45] <PibbRelay> <VxJasonxV> In OpenID2 (for example, with Yahoo!), users can simply enter "yahoo.com" as their url, and yahoo will respond to the RP with the proper identifier
  104. [20:12:43] <PibbRelay> <harningt> Hm, that mode seems to make sense... since in OpenID2 its more specific that HTTPS is supposed to be valid..
  105. [20:14:40] * jrbot (n=supybot@c-71-236-228-127.hsd1.or.comcast.net) Quit (Nick collision from services.)
  106. [20:14:52] * jrbot (n=supybot@c-71-236-228-127.hsd1.or.comcast.net) has joined #openid
  107. [20:15:42] * Cody`macbook (n=Cody@74-129-166-74.dhcp.insightbb.com) has joined #openid
  108. [20:22:00] * sheesh3 (n=sheesh3@roaming-229-145.nss.udel.edu) Quit (Read error: 110 (Connection timed out))
  109. [20:25:47] <PibbRelay> <keturn> whether or not you use an automatic redirect http -> https on your identifier URLs depends on whether you place more priority on working with as many RPs as possible (even if some of them are kind of broken) or on the security of your users. You could go either way.
  110. [20:27:01] * LEW21 (n=lew21@ip-89.171.103.226.crowley.pl) has joined #openid
  111. [20:28:47] <LEW21> Does anybody have any idea why ClaimID doesn't work for me? I'm trying to log to any site with it, it redirects me to the login page, and then to the ClaimID User Control Panel
  112. [20:28:57] * sheesh3_ (n=sheesh3@roaming-229-145.nss.udel.edu) Quit ()
  113. [20:28:59] <PibbRelay> <keturn> OpenID is reasonably well protected against forgery without HTTPS, but insisting on HTTPS would give you more protection against eavesdropping and certain DNS-based attacks. (although, again, protection from DNS based attacks relies on the RP doing things correctly.)
  114. [20:32:11] <LEW21> ??
  115. [20:33:11] <_keturn> I don't see anyone from ClaimID on the channel right now
  116. [20:42:51] <LEW21> OK, that was problem with cookies
  117. [20:47:11] * LEW21 (n=lew21@ip-89.171.103.226.crowley.pl) has left #openid
  118. [20:47:50] * Acro (i=acro@unaffiliated/acro) has joined #openid
  119. [21:03:58] * jrbot (n=supybot@c-71-236-228-127.hsd1.or.comcast.net) Quit (Nick collision from services.)
  120. [21:04:13] * jrbot (n=supybot@c-71-236-228-127.hsd1.or.comcast.net) has joined #openid
  121. [21:05:40] * pvandewyngaerde (n=pvandewy@184.70-241-81.adsl-dyn.isp.belgacom.be) has joined #openid
  122. [21:29:20] * forsaken (n=eric@192.65.245.100) has joined #openid
  123. [21:30:16] * Didac is now known as Mitsurugi
  124. [22:03:48] * MrTopf (i=hidden-u@oecher.info) Quit ()
  125. [22:29:07] * pvandewyngaerde (n=pvandewy@184.70-241-81.adsl-dyn.isp.belgacom.be) Quit (Remote closed the connection)
  126. [22:36:12] * imajes (n=james@87-194-107-123.bethere.co.uk) Quit (Read error: 104 (Connection reset by peer))
  127. [22:42:34] * hackradt (n=thiago@201-92-38-72.dsl.telesp.net.br) has joined #openid
  128. [22:48:02] <hackradt> Hi there! I'm new in this OpenID thing. So, I have a question that should be dumb, but....Here it is: I have accounts at 4 services that are OpenID servers. Does that mean I have 4 OpenID accounts? What if I want to have an account with MyOpenID.com instead? How can I play with all that number of accounts if the key quesiton here is to have only one??????
  129. [22:49:15] * imajes (n=james@87-194-107-123.bethere.co.uk) has joined #openid
  130. [22:50:05] <hackradt> Anyone?
  131. [22:56:58] * GabeW isn't here, but acknowledges your question ;)
  132. [22:57:05] <GabeW> give it a minute, people are here pretty often
  133. [22:57:43] <GabeW> thats what I told imajes before in a different channel
  134. [23:01:14] <hackradt> ok!:) 10x
  135. [23:03:24] <PibbRelay> <ozamosi> That means you have four. If you register again at myopenid it would mean you have five. The key question isn't to have only one - it's more to not have to register everywhere all the time. It also enables data migration, so you won't have to type full name, nick, email, etc, etc over and over.
  136. [23:06:26] <hackradt> Hmmm..Ok! But if I login at any site with one of that 4 (or 5), my ID can be changed? Or I'll have to work with that one 4ever?
  137. [23:07:14] * flaccid_ (n=flaccid@123-243-80-114.tpgi.com.au) has joined #openid
  138. [23:14:56] * danbri (n=danbri@216.239.45.19) has joined #openid
  139. [23:17:50] <PibbRelay> <ozamosi> That depends on the site.
  140. [23:18:21] <PibbRelay> <ozamosi> You can usually attach multiple OpenID:s to a single user account, but that is not always the case.
  141. [23:21:52] * flaccid__ (n=flaccid@123-243-80-114.tpgi.com.au) Quit (Read error: 110 (Connection timed out))
  142. [23:32:24] <hackradt> Great And what will happen if Google, tomorrow, become a OpenID Consumer? My Google Account will be
  143. [23:32:37] <hackradt> atached with my OpenID?
  144. [23:32:40] <hackradt> Or vice versa?
  145. [23:34:14] <hackradt> Yeap!
  146. [23:34:15] <hackradt> :)
  147. [23:35:09] * hackradt (n=thiago@201-92-38-72.dsl.telesp.net.br) Quit ()
  148. [23:37:30] <PibbRelay> <ozamosi> *scratch head* Now you're confusing me. If they became a OpenID consumer, you would be able to log in to your Google Account with your OpenID. You can already log in with OpenID to make comments on blogger (which is google operated), so Google is actually a OpenID consumer already, just not for the google accounts part.
  149. [23:38:34] <PibbRelay> <ozamosi> There's not necessarily any merging of accounts taking place at all.

These logs were automatically created by OpenIDlogbot on chat.freenode.net using a modified version of the Java IRC LogBot.