IRC Log for #openid on 2008-06-19

• Index
• Next: 2008-06-20
• Previous: 2008-06-18

Timestamps are in UTC.

1. [00:17:58] * metadaddy (n=metadadd@c-24-6-62-207.hsd1.ca.comcast.net) has joined #openid
2. [00:38:19] * shigeta (n=shigeta@124.32.114.226) has joined #openid
3. [00:51:15] * metadaddy is now known as metadaddy_away
4. [00:52:15] * desudesu (n=me@unaffiliated/desu) has joined #openid
5. [00:52:45] * desu (n=me@unaffiliated/desu) Quit (Nick collision from services.)
6. [00:52:49] * desudesu is now known as desu
7. [01:02:38] * hikoz (n=hikoz@27.183.244.43.ap.yournet.ne.jp) has joined #openid
8. [01:23:44] * mtrichardson (n=michaelr@70.99.220.242) Quit ()
9. [01:32:56] * desudesu (n=me@unaffiliated/desu) has joined #openid
10. [01:33:57] * desu (n=me@unaffiliated/desu) Quit (Nick collision from services.)
11. [01:34:01] * desudesu is now known as desu
12. [01:58:57] * MacTed (n=Thud@208.255.74.74) has joined #openid
13. [01:58:57] <jibot> MacTed is a Technology Evangelist from http://www.openlinksw.com/ and a Troublemaker from Way Back
14. [02:04:05] * MacTed (n=Thud@208.255.74.74) Quit ("*bamf*")
15. [02:13:01] * desudesu (n=me@unaffiliated/desu) has joined #openid
16. [02:13:25] * desu (n=me@unaffiliated/desu) Quit (Nick collision from services.)
17. [02:13:27] * desudesu is now known as desu
18. [02:24:01] * desu (n=me@unaffiliated/desu) Quit ("Connection reset by peer pressure")
19. [02:37:25] * doctormo (n=doctormo@pool-68-163-139-10.bos.east.verizon.net) Quit (Read error: 110 (Connection timed out))
20. [02:48:11] * flaccid (n=flaccid@121.216.28.237) has joined #openid
21. [02:48:11] <jibot> flaccid is an OpenID enthusiast
22. [02:48:24] * stub (n=stub@ppp-58-8-211-175.revip2.asianet.co.th) has joined #openid
23. [04:22:43] * conner_bw (n=conner_b@70.49.122.20) has joined #openid
24. [04:24:41] * slango (n=slango@d192-24-63-123.try.wideopenwest.com) Quit ()
25. [04:37:20] * conner_bw (n=conner_b@70.49.122.20) Quit ()
26. [04:58:23] * stub (n=stub@canonical/launchpad/stub) Quit ("Leaving.")
27. [05:15:41] * samsm (n=samsm@c-98-242-68-234.hsd1.ga.comcast.net) Quit (Read error: 104 (Connection reset by peer))
28. [05:39:22] * metadaddy_away (n=metadadd@c-24-6-62-207.hsd1.ca.comcast.net) Quit ()
29. [05:51:44] * shigeta_ (n=shigeta@124.32.114.226) has joined #openid
30. [05:59:04] * Dallas (n=dallas@c-71-225-154-80.hsd1.pa.comcast.net) Quit (Read error: 104 (Connection reset by peer))
31. [05:59:13] * Dallas (n=dallas@c-71-225-154-80.hsd1.pa.comcast.net) has joined #openid
32. [06:00:20] * MacTed (n=Thud@208.255.74.74) has joined #openid
33. [06:00:20] <jibot> MacTed is a Technology Evangelist from http://www.openlinksw.com/ and a Troublemaker from Way Back
34. [06:00:37] * MacTed (n=Thud@208.255.74.74) Quit (Remote closed the connection)
35. [06:04:07] * shigeta__ (n=shigeta@124.32.114.226) has joined #openid
36. [06:08:45] * shigeta (n=shigeta@124.32.114.226) Quit (Read error: 110 (Connection timed out))
37. [06:20:14] * shigeta_ (n=shigeta@124.32.114.226) Quit (Read error: 110 (Connection timed out))
38. [06:31:31] * stub (n=stub@ppp-58-8-211-175.revip2.asianet.co.th) has joined #openid
39. [06:37:59] * flaccid (n=flaccid@121.216.28.237) Quit (Remote closed the connection)
40. [06:52:06] * flaccid (n=flaccid@121.216.28.237) has joined #openid
41. [06:52:06] <jibot> flaccid is an OpenID enthusiast
42. [07:02:35] * bortzmeyer (i=bortzmey@batilda.nic.fr) has joined #openid
43. [07:02:35] * flaccid (n=flaccid@121.216.28.237) Quit ("Konversation terminated!")
44. [07:30:45] * bens_ (n=bens@gateb.mh.bbc.co.uk) has joined #openid
45. [07:50:35] * desu (n=me@unaffiliated/desu) has joined #openid
46. [07:51:26] * desu (n=me@unaffiliated/desu) Quit (Read error: 104 (Connection reset by peer))
47. [07:51:42] * desu (n=me@unaffiliated/desu) has joined #openid
48. [07:54:03] * stu1 (n=stub@ppp-58-8-14-205.revip2.asianet.co.th) has joined #openid
49. [07:54:03] * stub (n=stub@canonical/launchpad/stub) Quit (Nick collision from services.)
50. [07:54:22] * stu1 is now known as stub
51. [08:00:27] * flaccid (n=flaccid@121.216.28.237) has joined #openid
52. [08:00:27] <jibot> flaccid is an OpenID enthusiast
53. [08:10:57] * desudesu (n=me@unaffiliated/desu) has joined #openid
54. [08:11:30] * desu (n=me@unaffiliated/desu) Quit (Nick collision from services.)
55. [08:11:34] * desudesu is now known as desu
56. [08:15:11] * hillsy (n=shhi2@npfit3.dh.bytemark.co.uk) has joined #openid
57. [09:08:45] * desudesu (n=me@unaffiliated/desu) has joined #openid
58. [09:10:01] * desu (n=me@unaffiliated/desu) Quit (Nick collision from services.)
59. [09:10:03] * desudesu is now known as desu
60. [09:16:49] * desudesu (n=me@unaffiliated/desu) has joined #openid
61. [09:16:54] * desu (n=me@unaffiliated/desu) Quit (Nick collision from services.)
62. [09:17:08] * desudesu is now known as desu
63. [09:38:06] * luluru1 (n=liu@219.106.248.145) has joined #openid
64. [09:38:10] * shigeta__ (n=shigeta@124.32.114.226) Quit ("Leaving...")
65. [09:45:11] * desudesu (n=me@unaffiliated/desu) has joined #openid
66. [09:45:40] * desu (n=me@unaffiliated/desu) Quit (Nick collision from services.)
67. [09:45:48] * desudesu is now known as desu
68. [09:57:52] <hillsy> what are some of the alternatives to openid?
69. [09:58:01] * hillsy needs to do a business case
70. [09:58:14] <hillsy> pubcookie, shibboleth....?
71. [09:58:24] <flaccid> depends what you regard as an alternative
72. [09:58:44] <hillsy> fair point
73. [09:59:00] <hillsy> things that are important to our use case:
74. [09:59:17] <hillsy> good doco for integrators
75. [09:59:29] <hillsy> relatively simple
76. [09:59:34] <hillsy> plays nice with firewalls
77. [09:59:50] <hillsy> and hetergenous networks
78. [10:00:35] <hillsy> pubcookie seems to be the major alternative, just not sure if I'm missing anything else
79. [10:01:24] <hillsy> oh, and it's just for websites. not network logins or anything.
80. [10:03:14] <flaccid> let me check out pubcookie first
81. [10:04:02] <flaccid> but the problem with your study here is that if its just for websites then this alternative would need to be supported by everyone which can only really be done by uptake of openid
82. [10:04:45] <flaccid> and in terms of SSO there are a lot of companies that offer commercial solutions (i used to work for one) but they are not web-centric because of reasons like this
83. [10:05:08] <hillsy> bit of background.... I work for a large organisation that runs a bunch of websites and procures a bunch more
84. [10:05:40] <hillsy> not always hosted in the same place or same platform
85. [10:05:51] <flaccid> shared membership?
86. [10:06:28] <hillsy> would be nice, but not essential
87. [10:06:39] <hillsy> (if you mean sharing lots of user details)
88. [10:06:46] <hillsy> main thing is shared auth
89. [10:06:47] <flaccid> i guess i asked that wrong, users have membership on these different sites
90. [10:07:06] <flaccid> well in your case its about a policy mores
91. [10:07:08] <flaccid> moreso
92. [10:07:21] <flaccid> this is only for your site's members right, not the rest of the world?
93. [10:07:32] <hillsy> yes
94. [10:07:41] <hillsy> sorry, correct
95. [10:07:52] <hillsy> we'd be running an auth service
96. [10:08:03] <hillsy> probably with a whitelist of sites, if we were to use openid
97. [10:08:06] <flaccid> lots of options then, but using openid gives you the option of that login extending to the rest of the web
98. [10:08:29] <flaccid> see thats non-centric..
99. [10:08:44] <johill> this is something that seems to be coming up more and more
100. [10:08:50] <flaccid> oops
101. [10:08:58] <flaccid> i meant your thing is centric
102. [10:09:10] <johill> why would you have openid logins that don't allow people to use them other than on a certain set of websites?
103. [10:09:15] <flaccid> seems people want more security and more control...
104. [10:09:22] <johill> I mean, yes, you can regard openid as just the technology
105. [10:09:27] * Prokur (i=real@89.191.108.2) has joined #openid
106. [10:09:48] <johill> but if it's good enough for all those sites you run yourself, why wouldn't you want your users using it elsewhere?
107. [10:09:59] <Prokur> hello, has somebody used openid enabled on windows ?
108. [10:10:21] <hillsy> johill: interesting point
109. [10:10:57] <johill> of course those sites that you run yourself would be forced to use that particular service (easy to do) but why not extend the offering to other relying parties?
110. [10:11:42] <flaccid> hillsy: its pretty basic to integrate additional policy on your sites and simply map a users openid URI to their accounts on your user database(s)
111. [10:11:58] <flaccid> and you still don't need to run an openid server..
112. [10:12:17] <johill> yeah depends how your stuff works though
113. [10:12:42] <johill> if you want to have central control over who uses what you can't really accept arbitrary openids like my http://johannes.sipsolutions.net/
114. [10:13:09] <hillsy> johill: extending it would be a nice idea, assuming certain organisational/political factors work out ;)
115. [10:13:18] <hillsy> this is interesting
116. [10:13:25] <flaccid> but thats just additional policy which is really just business logic
117. [10:13:38] <johill> yeah
118. [10:13:49] <flaccid> nice photo :)
119. [10:14:01] <johill> but so say each of your users has an openid http://myorg/username
120. [10:14:16] <johill> why would you not allow them to use it on say http://wireless.kernel.org (a wiki that is openid enabled)
121. [10:15:20] <johill> mind you, ubuntu's launchpad for example works that way, its openid provider can only be used by "clued-in" websites since it doesn't swupport discovery. I just don't understand it
122. [10:17:13] <flaccid> and it would be possible to not allow them in the policy of not allowing use of their identifier on the internet in anyway eg. comments on blogs under the the companies domain name
123. [10:18:22] <johill> ? too many nots
124. [10:18:45] <flaccid> couldn't find a way to describe it very well
125. [10:19:16] <flaccid> 'i own a company and i don't want them exposing/using their login on the web'
126. [10:19:43] <hillsy> or maybe, only using it for certain categories of site
127. [10:20:19] <johill> oh ok, you think that's the reason?
128. [10:21:00] <johill> e.g. ubuntu doesn't want people to go around commenting on blogs with their launchpad identifier?
129. [10:21:11] <flaccid> yeah thats a good example
130. [10:21:19] <flaccid> thats what i was meaning yes
131. [10:21:21] <johill> for fear that?
132. [10:21:28] <johill> they could be considered affiliated to launchpad?
133. [10:21:38] <flaccid> yes
134. [10:21:51] <hillsy> depends on the openid provider I guess
135. [10:22:05] <flaccid> im not talking about my personal opinions but rather what control companies and domains will want on their identifiers and employees etc.
136. [10:22:09] <johill> ok I guess that makes some sense
137. [10:22:23] <flaccid> hillsy: well the owner of the identifier rather
138. [10:23:13] <johill> anyway we digressed far ;)
139. [10:23:33] <flaccid> but in terms of open alternatives...
140. [10:23:41] <hillsy> flaccid, yes. guess i was meaning that username.myopenid.com is potentially less sensitive than username.mycompany.com
141. [10:23:43] <flaccid> is it appropriate to discuss commercial ones here
142. [10:24:14] <flaccid> hillsy: well its still comes down to the owner of the URI and take into account delegation..
143. [10:24:28] <johill> pubcookie doesn't seem to work much different from openid?
144. [10:24:45] <hillsy> johill, that was my take on it too
145. [10:24:47] <johill> except it integrates the auth and the session part
146. [10:25:01] <johill> while openid only covers the auth part and you need to write the session part in your own app
147. [10:25:10] <johill> (which might make it easier to convert existing apps)
148. [10:25:17] <flaccid> um thats a pretty vague comparison..
149. [10:25:24] <flaccid> and auth can mean authorisation as well
150. [10:25:57] <johill> ok yeah that was explained badly
151. [10:26:15] <johill> it seems to me that pubcookie includes the session handling (session cookie or whatever)
152. [10:26:39] <johill> while openid requires that the app that requested the login set up a session after having the user come back from their openid provider
153. [10:26:46] <johill> or actually, before that
154. [10:27:03] <johill> so I should have said 'validation' instead of 'auth' maybe
155. [10:27:57] <hillsy> flaccid: re. commercial. commercial is fine for our use case, or did you mean in the channel?
156. [10:28:08] <flaccid> yes in the channel
157. [10:28:11] <johill> also something I notice, pubcookie talks about a 'shared symmetric key' which seems could be a problem
158. [10:28:32] <flaccid> and there is also the assertion word here :)
159. [10:28:48] <flaccid> which might be better used in place validatin in some cases
160. [10:28:59] <johill> yeah, sorry, my lingo-fu is weak
161. [10:29:13] <flaccid> dw, im no spec expert yet !
162. [10:29:52] * SvenDowideit__ (n=SvenDowi@124-171-60-227.dyn.iinet.net.au) has joined #openid
163. [10:30:56] <flaccid> i used to work for IPass and they are centralised and do no web yet i don't think. openid can essentially be used on every platform that can have access to the web to verify the URI owner, so it can interate with any other authentication servers if you wanted
164. [10:31:34] <flaccid> i need to see if someone has made integration with pam and if not, im going to make it one day
165. [10:31:40] <johill> hillsy: of course, you have to consider technicalities too, like are you integrating into existing apps (and which languages are they written in), or writing new apps?
166. [10:32:20] <johill> pubcookie for example seems to have an apache module to do its thing
167. [10:32:34] <johill> that might be easy or hard to use depending on what you need
168. [10:33:12] <hillsy> it's likely to be a combination of old and new apps
169. [10:33:17] <hillsy> mostly new though
170. [10:33:54] <hillsy> not having to specify any type of server-side technology (or minimally specify it) would be helpful
171. [10:34:37] <johill> I can't really speak for anything ;)
172. [10:34:45] <johill> pubcookie _seems_ to require either apache or iis
173. [10:34:54] <hillsy> :)
174. [10:35:18] <johill> openid is available for virtually all platforms and languages (I use it mostly with the janrain python libs, there are ruby, java and probably more libs (perl?))
175. [10:35:51] <hillsy> one of the things I like about OpenID is the decent support for a ton of languages/frameworks
176. [10:36:48] <johill> otoh, if you host it all on apache anyway, such restrictions won't matter to you and you'd look more in terms of 'how easy is it to integrate'
177. [10:37:52] * SunWuKung (n=SunWuKun@S01060016cbc4c705.vc.shawcable.net) Quit ()
178. [10:38:13] <hillsy> hmmm. we host everything on apache/iis (afaik), but it's nice to have the option
179. [10:38:25] <johill> hey there's even a C++ consumer ;)
180. [10:39:43] * hillsy is still liking openid in comparison to pubcookie anyway :)
181. [10:40:25] <johill> or maybe you should just ask yourself "can system X do what I need? (and what do I need exactly?)"
182. [10:40:59] <johill> the stuff you said initially seems to be fulfilled by both afaict
183. [10:41:43] <hillsy> true
184. [10:42:05] <hillsy> I guess I'm trying to work out what other "system X"'s there might be
185. [10:43:06] <johill> yeah, fair enough, but I can't really help you with that; so far openid solved the problems I had :)
186. [10:44:23] <hillsy> I think it would solve ours too
187. [10:44:34] <hillsy> this has been v. interesting
188. [10:46:23] * SvenDowideit_ (n=SvenDowi@twiki/developer/SvenDowideit) Quit (Read error: 101 (Network is unreachable))
189. [10:52:15] <flaccid> yeah i'd recommend making a list of requirements like a checklist and then doing a tick or cross for if openid supports it or can integrate/handle it etc. this will find any caveats in your project if it was done in openid
190. [10:54:48] * Prokur (i=real@89.191.108.2) Quit ("� ��������� ���������� �������� ���������� ��������� � ������������ ��������: �����, ������, ������, ���������, �����, ����, )
191. [11:01:46] * hikoz (n=hikoz@27.183.244.43.ap.yournet.ne.jp) Quit (Read error: 110 (Connection timed out))
192. [11:12:07] * doctormo (n=doctormo@pool-68-163-139-10.bos.east.verizon.net) has joined #openid
193. [11:12:18] * lopnor (n=lopnor@nat.soffritto.org) Quit (Read error: 110 (Connection timed out))
194. [11:21:53] <flaccid> hillsy: i only see caveats in pubcookie doing it on the internet. did you look at possible port problems/
195. [11:22:32] <flaccid> not sure if its designed for internet, but rather internet, thus "open-source software for intra-institutional web authentication" and multiple servers etc.
196. [11:23:30] <hillsy> I haven't seen anything about port problems, though they say multi-domain support is an issue.
197. [11:23:44] * lopnor (n=lopnor@nat.soffritto.org) has joined #openid
198. [11:28:09] * danieljohnlewis (n=danieljo@82-46-89-37.cable.ubr10.azte.blueyonder.co.uk) has joined #openid
199. [11:30:58] <flaccid> hillsy: does it use anything other than port 80 or 443?
200. [11:32:19] <hillsy> not afaict. it's all http(s)+cookie based
201. [11:39:25] <flaccid> cool. just requires a lot of infrastructure compred to openid heh
202. [12:11:10] * stub (n=stub@canonical/launchpad/stub) Quit ("Leaving.")
203. [12:11:57] * desudesu (n=me@unaffiliated/desu) has joined #openid
204. [12:12:53] * desu (n=me@unaffiliated/desu) Quit (Nick collision from services.)
205. [12:12:57] * desudesu is now known as desu
206. [12:24:59] * samsm (n=samsm@c-98-242-68-234.hsd1.ga.comcast.net) has joined #openid
207. [12:32:30] * desu (n=me@unaffiliated/desu) Quit ("Connection reset by peer pressure")
208. [12:36:31] * danieljohnlewis (n=danieljo@82-46-89-37.cable.ubr10.azte.blueyonder.co.uk) Quit ()
209. [12:41:24] * danieljohnlewis (n=danieljo@82-46-89-37.cable.ubr10.azte.blueyonder.co.uk) has joined #openid
210. [13:18:26] * slango (n=slango@d192-24-63-123.try.wideopenwest.com) has joined #openid
211. [13:26:36] * lopnor (n=lopnor@nat.soffritto.org) Quit (Read error: 110 (Connection timed out))
212. [13:33:55] * lopnor (n=lopnor@nat.soffritto.org) has joined #openid
213. [13:57:31] * equalspeterd (i=d1ad35e9@gateway/web/ajax/mibbit.com/x-d3c325f91dc149f8) has joined #openid
214. [13:59:36] * MrTopf (i=hidden-u@oecher.info) has joined #openid
215. [14:00:01] * Chaz6- (n=chaz@cl-26.osl-01.no.sixxs.net) has joined #openid
216. [14:00:24] * doctormo (n=doctormo@pool-68-163-139-10.bos.east.verizon.net) Quit (Read error: 110 (Connection timed out))
217. [14:00:54] * Chaz6 (n=chaz@cl-26.osl-01.no.sixxs.net) Quit (Read error: 101 (Network is unreachable))
218. [14:04:53] * Chaz6- is now known as Chaz6
219. [14:16:28] * doctormo (n=doctormo@66.237.172.227.ptr.us.xo.net) has joined #openid
220. [14:18:44] * brunascle (n=brunascl@38.113.17.3) has joined #openid
221. [14:19:05] <brunascle> I have a question
222. [14:20:11] <brunascle> I'm setting up an RP. suppose someone enters an identifier, e.g. www.mydomain.com, and that containts link attributes for a server and OP local identifier at myopenid.com
223. [14:21:02] <brunascle> after they've authenticated, do i associate their user account on website with www.mydomain.com, or do i associate it with the OP local identifier at myopenid.com? or both?
224. [14:21:08] * danieljohnlewis (n=danieljo@82-46-89-37.cable.ubr10.azte.blueyonder.co.uk) Quit ()
225. [14:41:25] * xpo (n=xpo@nat/af83/x-0e66813c50f6f7d7) has joined #openid
226. [14:49:22] * flaccid (n=flaccid@121.216.28.237) Quit (Remote closed the connection)
227. [14:55:47] * flaccid (n=flaccid@121.216.28.237) has joined #openid
228. [15:02:58] * bortzmeyer (i=bortzmey@batilda.nic.fr) has left #openid
229. [15:06:04] * e_s_p (n=evan@modemcable100.199-203-24.mc.videotron.ca) has joined #openid
230. [15:06:06] <samsm> The first, mydomain.
231. [15:06:50] <e_s_p> Hey, all
232. [15:06:58] <e_s_p> I need some eyes
233. [15:07:02] <e_s_p> http://identi.ca/
234. [15:07:07] <samsm> The post-delegation step is like an implementation detail.
235. [15:07:09] * metadaddy (n=metadadd@c-24-6-62-207.hsd1.ca.comcast.net) has joined #openid
236. [15:07:14] <e_s_p> New µblogging service, supports OpenID 2.0
237. [15:07:30] <samsm> mu blogging?
238. [15:07:34] <e_s_p> I've tried most OP's, but not all
239. [15:07:45] <e_s_p> samsm: microblogging, like Twitter, Jaiku, or Pownce
240. [15:07:47] <brunascle> ok, thanks
241. [15:08:08] <e_s_p> Not yet "launched", but I'd love some OpenID'ers feedback on the implementation
242. [15:08:22] <e_s_p> Source available
243. [15:08:26] <samsm> Mmm, wasn't familiar with the mu idiom.
244. [15:08:48] <e_s_p> µ is "micro" for many scientific and technical terms
245. [15:09:00] <e_s_p> Like µF for "microfarads"
246. [15:09:39] <e_s_p> For some reason I have a µ key on my keyboard (Canadian multilingual), so it's easy to use
247. [15:12:30] <samsm> Heh
248. [15:22:56] <brunascle> but, if they input an OP identifier (e.g. yahoo.com), you wouldnt use the user-supplied identifier. you'd use the identifier that yahoo returned to us after authentication.
249. [15:23:05] <brunascle> but how would you know that yahoo.com was an OP identifier? is it because performing discovery on yahoo.com only gives us an endpoint url and not an op-local identifier?
250. [15:23:10] <Chaz6> e_s_p: only complaint I have is that on the openid management page, it says to click "Delete" to remove an openid, but the buttons say "Remove"... otherwise, it is a fine implementation :)
251. [15:25:23] <e_s_p> Chaz6: OK, good
252. [15:25:36] <e_s_p> I'd especially like some feedback on the check_immediate support
253. [15:25:57] <e_s_p> I hacked it in, because I think it's great, but I think there might be some OPs that don't grok check_immediate
254. [15:27:50] * metadaddy is now known as metadaddy_here
255. [15:27:58] * metadaddy_here is now known as metadaddy_there
256. [15:29:06] * metadaddy_there is now known as metadaddy
257. [15:41:54] * todd (n=todd@pool-71-160-16-192.lsanca.dsl-w.verizon.net) has joined #openid
258. [15:42:04] <todd> Can someone explain to me what openid is?
259. [15:42:12] <todd> I mean I've read about it but I still don't get the point of it
260. [15:42:15] <todd> seems pointless
261. [15:42:24] <johill> if you just want to know the point...
262. [15:42:40] <johill> basically the point is: you use it instead of remembering a password for each website you need to log in to
263. [15:44:14] <todd> that sounds pointless
264. [15:44:22] <todd> why not just use the same password everywhere you sign up?
265. [15:45:24] <Chaz6> todd, you can use methods other than a simple username/password to login to your openid provide, e.g. certificate or rsa mobile, irregardless of what methods the website supports
266. [15:45:34] <Chaz6> *provider
267. [15:45:57] <Chaz6> It's basically type of anonymous federation
268. [15:46:09] <todd> but I still have to register on those sites
269. [15:46:18] <e_s_p> todd: also, if you use the same password everywhere, you're giving your bank password to the guys who run hackerz.net
270. [15:46:27] <johill> also, if you use the same password everywhere, you're very vulnerable
271. [15:46:29] <e_s_p> Doesn't seem real smart to me
272. [15:46:33] <todd> here is what I thought open id was and why I *was* excited about it. You sign up one place and it is centralized
273. [15:46:37] <johill> people have learned that lesson the hard way
274. [15:46:45] <e_s_p> (Actually, i made that up... I have no idea if hackerz.net are bad guys)
275. [15:46:47] <Chaz6> todd, no, it's not SSO, that's like Passport or Shibboleth
276. [15:46:48] <todd> in some database
277. [15:46:51] <johill> (remember the leaked email from mediadefender)
278. [15:46:54] <e_s_p> todd: yes
279. [15:46:54] <Chaz6> (i.e. proper federation)
280. [15:46:55] <e_s_p> That's right
281. [15:47:12] <todd> and then when you register it pulls all that information based on your ID and then you don't have to register for sites ... or at least do a full registration
282. [15:47:23] <e_s_p> todd: that's about it, yes
283. [15:47:37] <e_s_p> Not all sites are as good as others in supporting it, though
284. [15:48:05] <todd> So... I sign up for openID... and I fill out all of my personal information on it.
285. [15:48:05] <e_s_p> OpenID walks a fine line between security and convenience
286. [15:48:11] <e_s_p> Right
287. [15:48:21] <Chaz6> OpenID is for authentication.. authorization is still done by the website
288. [15:48:30] <todd> then when I register on digg.com, it uses my openId as a reference with some API that can get my first name
289. [15:48:31] <Chaz6> So you still need an account on each website
290. [15:48:33] <e_s_p> Then you could go to http://vinismo.com/ and log in
291. [15:48:45] <e_s_p> Does digg.com support OpenID now?
292. [15:48:48] <johill> todd: openid _can_ support that with attribute exchange, but many RPs don't implement it
293. [15:48:50] <todd> just using it as an example
294. [15:48:54] <Chaz6> Digg are big fat liars.. they said they were going to support it more than a year ago
295. [15:48:56] <todd> RPs?
296. [15:49:10] <johill> relying parties, websites you can use your openid at
297. [15:49:24] <todd> ok
298. [15:49:32] <todd> do normal people use it or just nerds
299. [15:50:07] <johill> all AIM users have an openid now but whether they use it, no idea
300. [15:50:15] <Chaz6> Normal people are starting to use it now that Yahoo supports it (though sadly only as an idp)
301. [15:50:23] <todd> idp?
302. [15:50:29] <Chaz6> identity provider
303. [15:50:43] <Chaz6> You use an openid from an idp at an rp, if that makes sense
304. [15:51:16] <johill> I think what attribute exchange needs is a bit of a 'best practices' document
305. [15:51:52] <brunascle> question: how do you know a user supplied identifier is an OP identifier, e.g. yahoo.com?
306. [15:52:13] <brunascle> is it because performing discovery on yahoo.com only gives you an op endpoing url, and not an op local identifier?
307. [15:52:22] <johill> I would like to implement wiki settings in it, for example, so every (initially MoinMoin) wiki I log in to has my email, name, ...
308. [15:53:34] * doctormo (n=doctormo@66.237.172.227.ptr.us.xo.net) Quit (Read error: 113 (No route to host))
309. [15:53:57] <johill> brunascle: not sure what the question is? if you just enter 'yahoo.com' in a good RP openid login field, yahoo will ask you to log in and send back your identity
310. [15:54:50] <brunascle> yes, I'm setting up an RP, and i'm a little confused about what to do when they put in an OP identifier, like yahoo.com
311. [15:55:14] <brunascle> because i need to know what identifier to associate with the user account on my site
312. [15:55:29] <johill> tbh, I'm not entirely sure what happens
313. [15:55:52] <johill> I use the janrain python library and it'll just go through with this
314. [15:55:54] <brunascle> if it's an OP identifier, you obviously wouldnt want to associate that with a user account, or else everyone who used yahoo.com would log into the same account
315. [15:56:05] <johill> and when it returns to me all, you get back yahoo.com/openid/username or whatever it is
316. [15:56:26] <johill> say with openid
317. [15:56:32] <johill> myopenid
318. [15:56:36] <johill> I enter myopenid.com
319. [15:56:38] <johill> it asks me to log in
320. [15:56:48] <johill> myopenidhttp://johill.myopenid.com/
321. [15:56:56] <johill> and then tells the website that I am http://johill.myopenid.com/
322. [15:57:02] <johill> (sorry about the other line)
323. [15:58:05] <brunascle> right. but i'm a little confused, because people say you could set up your own identity at, e.g. www.mydomain.com, but have that point to http://username.myopenid.com/
324. [15:58:35] <johill> yeah, that too will be noticed during discovery
325. [15:58:54] <brunascle> and if myopenid.com goes down for some reason, they could just change it to point to some other provider
326. [15:59:16] <brunascle> but for that to work, i would need to associate the user account on my site with www.mydomain.com, not with http://username.myopenid.com/
327. [15:59:49] <samsm> Right, you associate using the url they provide, not the url that is delegated to.
328. [16:00:07] <brunascle> but not if it's an OP identifier, like yahoo.com, correct?
329. [16:00:18] <brunascle> my question is how do i know it's an OP identifier?
330. [16:00:35] <johill> well you cannot delegate to just an OP identifier
331. [16:01:10] <johill> I don't actually know, how do you know? did I do this correctly? does anyone have a delegated identity?
332. [16:01:30] <samsm> You can delegate to any OP provider.
333. [16:01:45] <samsm> The provider is left blissfully ignorant of the delegation.
334. [16:02:18] <samsm> The relying party just doesn't mention that it made a stop at mydomain first.
335. [16:02:50] <samsm> At least ... that's my understanding.
336. [16:02:53] <johill> yeah but so the RP has to distinguish between "user entered a delegated identity, and we store the url that delegated somewhere else"
337. [16:02:54] <brunascle> but entering yahoo.com and entering www.mydomain.com, from my example, are similar. in both cases, the user-supplied identifier is not the same as the real identifier
338. [16:03:20] <johill> vs. "the user entered a provider identifier and we got the right identity returned"
339. [16:03:41] <johill> it's easy to detect though based on what you discovered at the entered identifier
340. [16:04:14] <johill> so since I use existing libraries I'm blissfully ignorant and hope they do the right thing ;)
341. [16:04:23] <samsm> Ditto. :)
342. [16:04:40] <brunascle> right. my code tells if it's an OP identifier, like yahoo.com, if performing discovery on yahoo.com only gives my an op endpoing url and not an op local identifier. it works, i'm just not sure if that's the way it's supposed to be done
343. [16:05:34] <johill> if you actually implement the openid RP code yourself you'll really want to read the specs for that, they should mention something
344. [16:06:28] <brunascle> I have read them, but it's kind of vague about it.
345. [16:09:01] * todd (n=todd@pool-71-160-16-192.lsanca.dsl-w.verizon.net) Quit (Read error: 110 (Connection timed out))
346. [16:12:21] * mtrichardson (n=michaelr@70.99.220.242) has joined #openid
347. [16:13:30] <johill> I don't know
348. [16:20:25] <johill> why are you writing your own code anyway?
349. [16:21:35] <brunascle> honesly, it's mostly not-invented-here syndrome :)
350. [16:21:55] <brunascle> i originally tried to use some libraries from openid.net, but couldnt get them to work right, so i started to make my own
351. [16:22:30] <brunascle> know that i know more about it, I could probably get them to work, but i've already written code that seems to work, and I kind of would rather use that :)
352. [16:36:55] * MrTopf (i=hidden-u@oecher.info) Quit (Read error: 104 (Connection reset by peer))
353. [16:45:55] * MrTopf (i=hidden-u@oecher.info) has joined #openid
354. [17:16:01] <_keturn> What we've found is that it's not that hard to write code that "seems to work"
355. [17:16:50] <_keturn> but that people come up with all sorts of different combinations of protocol versions, implementations, and configurations, and what seems to work for the common case has a lot of places where it fails when you put it in production.
356. [17:18:20] <_keturn> So having a team of six people here to work on it, with a bunch of users to test deployments of it across a range of platforms in three languages, has really helped my confidence in how well our implementations do work
357. [17:18:45] <brunascle> true, which is why I'm testing it with all providers I know of
358. [17:21:12] <johill> I woudl seriously consider writing off the time spent so far to learning and using an existing library
359. [17:21:41] <johill> saves you maintenance in teh long run
360. [17:21:43] <johill> I don't know what janrain changed in the five different versions of their lib I used, but I sure as hell know I wouldn't have wanted to do it
361. [17:21:55] * SunWuKung (n=SunWuKun@S01060016cbc4c705.vc.shawcable.net) has joined #openid
362. [17:23:12] <brunascle> I am considering it, I've got 2 libraries on standby if I decide to use them.
363. [17:24:39] <brunascle> And even if I do use them, what I've learned will help me if I have any problems with them in the future
364. [17:43:21] * metadaddy_ (n=metadadd@nat/sun/x-1594517f3893fc4b) has joined #openid
365. [17:43:21] <jibot> metadaddy_ is Pat Patterson - http://blogs.sun.com/superpat/ - federation architect at http://www.sun.com/identity/ and Sun's 'community guy' on http://opensso.dev.java.net/
366. [17:46:42] <metadaddy_> ?forgetme
367. [17:46:42] <jibot> I have expunged metadaddy_ from my mind
368. [17:47:37] <johill> I wish jibot didn't even say that unless asked ;)
369. [17:49:01] * hillsy (n=shhi2@npfit3.dh.bytemark.co.uk) Quit ("BadaBingBadaBoom")
370. [17:49:59] * metadaddy (n=metadadd@c-24-6-62-207.hsd1.ca.comcast.net) Quit (Read error: 110 (Connection timed out))
371. [17:50:42] * bens_ (n=bens@gateb.mh.bbc.co.uk) Quit (Remote closed the connection)
372. [17:52:52] * metadaddy_ is now known as metadaddy
373. [18:00:55] * stub (n=stub@ppp-58-8-14-205.revip2.asianet.co.th) has joined #openid
374. [18:09:33] * lopnor (n=lopnor@nat.soffritto.org) Quit (Read error: 110 (Connection timed out))
375. [18:16:14] * Dallas (n=dallas@c-71-225-154-80.hsd1.pa.comcast.net) Quit (Read error: 104 (Connection reset by peer))
376. [18:16:28] * Dallas (n=dallas@c-71-225-154-80.hsd1.pa.comcast.net) has joined #openid
377. [18:20:06] * lopnor (n=lopnor@nat.soffritto.org) has joined #openid
378. [18:27:49] * MrTopf (i=hidden-u@oecher.info) Quit ()
379. [19:33:54] * Mitsurugi (n=Nightmar@180.Red-79-145-2.staticIP.rima-tde.net) has joined #openID
380. [19:39:34] * stub (n=stub@canonical/launchpad/stub) Quit ("Leaving.")
381. [19:56:33] <metadaddy> I keep telling him to forget me :x
382. [19:56:46] <metadaddy> jibot, that is
383. [19:56:56] <Chaz6> ?jibot forget metadaddy_
384. [19:57:03] <Chaz6> ?forget metadaddy_
385. [19:57:04] <jibot> I need at least 3 words with an 'is' in the middle
386. [19:57:07] <Chaz6> hm
387. [19:57:35] <samsm> Heh
388. [19:57:53] <Chaz6> ?forget metadaddy_ is Pat Patterson
389. [19:57:53] <jibot> I did not know metadaddy_ was Pat Patterson
390. [19:58:09] <samsm> I've ignored jibot. Now all I need to do is ignore attempts to communicate with jibot. :)
391. [19:58:12] <Chaz6> ?forget metadaddy_ is Pat Patterson - http://blogs.sun.com/superpat/ - federation architect at http://www.sun.com/identity/ and Sun's 'community guy' on http://opensso.dev.java.net/
392. [19:58:12] <jibot> I did not know metadaddy_ was Pat Patterson - http://blogs.sun.com/superpat/ - federation architect at http://www.sun.com/identity/ and Sun's 'community guy' on http://opensso.dev.java.net/
393. [19:58:17] <Chaz6> Damn bot
394. [19:58:45] <samsm> :)
395. [19:58:49] <Chaz6> Oh I think you already removed it metadaddy
396. [19:58:58] <Chaz6> It just happened to have two definitions, one for your alternative nickname
397. [20:04:02] * mike (n=chatzill@kri3-1x-dhcp241.studby.uio.no) has joined #openid
398. [20:04:20] * mike is now known as michaee
399. [20:04:37] * Mitsurugi (n=Nightmar@180.Red-79-145-2.staticIP.rima-tde.net) Quit (Read error: 104 (Connection reset by peer))
400. [20:06:23] <michaee> Eh, hello? Is this the place I come to ask questions about the JanRain OpenID Library?
401. [20:06:37] <samsm> Go for it.
402. [20:08:10] <johill> speicfy the language ;)
403. [20:08:16] <johill> there's no _the_ janrain openid lib
404. [20:09:26] <michaee> Well, this is more of a general OpenID question I guess... I want the users of my website to be able to log in with their OpenIDs and it will get their profile information (nickname, email, etc) so that it can be displayed on my page. Is there any way to get their user information without them having to log in (after my page has been authenticated)? If they update their OpenID profile, what...
405. [20:09:27] <michaee> ...is the best way to get this new information? Do I have to make another request or is there a faster way (seeing as the request is a little slow)?
406. [20:09:59] <michaee> Now that I had typed out the entire thing it seems a little confusing.
407. [20:10:37] <johill> attribute exchange, I think the spec defines some update handling but I'm not sure it's impleemtend
408. [20:10:46] <samsm> It's not really a ton of data to request each time.
409. [20:11:01] <samsm> Though long term that may be a naive attitude.
410. [20:11:29] <michaee> No, the requests are actually quite fast, but if I am displaying a lot of profiles on the same page and need to do a request for every single one, it might kill performance a bit.
411. [20:11:45] <michaee> The point is this: What do YOU (the veterans) suggest I do?
412. [20:11:59] <samsm> You mean if a given person is logged in with multiple openids?
413. [20:12:39] <samsm> If you are talking about AX or Sreg, your only opportunity to grab that profile data is during a login.
414. [20:12:40] * mtrichardson (n=michaelr@70.99.220.242) Quit (Read error: 104 (Connection reset by peer))
415. [20:12:46] * mtrichardson (n=michaelr@70.99.220.242) has joined #openid
416. [20:13:00] <samsm> So the rest of the time it has to be cached on your end.
417. [20:13:09] <samsm> Or am I totally not getting it?
418. [20:13:24] <michaee> You got it.
419. [20:13:58] <michaee> Thanks for the help. Now I'll go back to trying to understand things.
420. [20:14:03] * michaee (n=chatzill@kri3-1x-dhcp241.studby.uio.no) Quit ("ChatZilla 0.9.82.1 [Firefox 3.0/2008052906]")
421. [20:15:39] <johill> well that's useful. sure, quit before I can say a thing ;)
422. [20:15:55] <samsm> No kidding
423. [20:16:23] <johill> I was going to refer to openid.ax.update_url
424. [20:16:42] <samsm> Oh wow, I had no idea about that.
425. [20:16:45] <johill> that allows an IdP to update the caches around the web when the information changes
426. [20:17:51] <samsm> How does the authentication work between the caches and the IdP?
427. [20:18:23] <johill> I'm just reading it ;)
428. [20:18:30] <johill> it can just re-post the response
429. [20:18:31] <samsm> Me too.
430. [20:18:46] <johill> so they use the same keys they negotiated when the user first signed in
431. [20:19:05] <johill> after all, RPs/IdPs always build an assocation between themselves
432. [20:19:09] <samsm> I thought those were supposed to expire.
433. [20:19:16] <samsm> And get re-established.
434. [20:20:12] <samsm> This really sounds like a job for Oauth.
435. [20:20:37] <johill> oauth?
436. [20:21:22] <johill> hm you're right, associations expire
437. [20:21:43] <samsm> Way to give a Facebook application access to your gmail address book without providing your full gmail username/password.
438. [20:22:25] <johill> sounds special
439. [20:26:05] * mtrichardson_ (n=michaelr@70.99.220.242) has joined #openid
440. [20:26:05] * mtrichardson (n=michaelr@70.99.220.242) Quit (Read error: 104 (Connection reset by peer))
441. [20:27:19] * mtrichardson_ (n=michaelr@70.99.220.242) Quit (Client Quit)
442. [20:30:05] <samsm> Oh, looks like the the update_url might have a token on it.
443. [20:30:22] <johill> yeah but that makes little sense
444. [20:30:29] <samsm> And it is a push thing, neat.
445. [20:30:29] <johill> since it could be sniffed
446. [20:30:54] <johill> you really have to verify that it's the same provider
447. [20:32:26] <johill> I guess an IdP that is prepared to push out AX updates might specify a large value for expires_in on the association
448. [20:32:47] <johill> a locally determined value on how long you're going to push out updates when the user hasn't used the RP service for a long time
449. [20:33:01] <johill> that's piggy-backing it a bit, but should work
450. [20:35:24] <johill> only if you can 'renew' associations though
451. [20:37:44] <johill> and that doesn't like to be the case
452. [20:44:31] * metadaddy is now known as metadaddy_lunch
453. [20:45:50] * Tha-Nerd (n=thanerd@88.179-242-81.adsl-dyn.isp.belgacom.be) has joined #openid
454. [20:47:12] <Tha-Nerd> anyone used the PHP OpenID Library from http://www.openidenabled.com/ ?
455. [20:49:00] * Mitsurugi (n=Nightmar@91.Red-81-32-4.dynamicIP.rima-tde.net) has joined #openID
456. [20:52:53] * doctormo (n=doctormo@66.237.172.227.ptr.us.xo.net) has joined #openid
457. [20:53:27] <doctormo> Is the token request only used per 1 authorisation or can it be cached and used multiple times?
458. [20:55:30] * IGnatiusTFoobar (n=ajc@hawthorne.citadel.org) has joined #openid
459. [20:55:54] <IGnatiusTFoobar> Hello OpenID fans :)
460. [20:57:32] <Mitsurugi> hey dude
461. [20:57:59] * metadaddy_lunch is now known as metadaddy
462. [21:00:10] * Mitsurugi (n=Nightmar@91.Red-81-32-4.dynamicIP.rima-tde.net) Quit ("http://niorcs.com · tecnologia lliure per a un món lliure")
463. [21:03:52] * Mitsurugi (n=Nightmar@91.Red-81-32-4.dynamicIP.rima-tde.net) has joined #openID
464. [21:06:28] <IGnatiusTFoobar> Just thought I'd pop in and mention that we just added OpenID relying party support to Citadel [http://www.citadel.org]
465. [21:07:01] <IGnatiusTFoobar> It's an email/groupware/collaboration package
466. [21:07:17] <Chaz6> IGnatiusTFoobar: Thanks!
467. [21:08:03] <IGnatiusTFoobar> Rough estimates are that Citadel users now number in the millions, so this should be a fairly big deal.
468. [21:08:07] <Chaz6> Hey, nice to see it still has BBS support :)
469. [21:08:29] <IGnatiusTFoobar> Absolutely. Although you can't use OpenID if you're logging in with telnet, of course.
470. [21:08:36] <Chaz6> Indeed
471. [21:09:16] <IGnatiusTFoobar> http://uncensored.citadel.org is the first site that's using the new code.
472. [21:09:50] * IGnatiusTFoobar is really psyched about joining the OpenID world
473. [21:09:53] <Chaz6> Although, is it impossible that you could present a console web browser over telnet for the log-in?
474. [21:10:18] <Chaz6> Of course, this would only work with IDP's that supported simple textual log-ins
475. [21:10:29] <IGnatiusTFoobar> Wow, that would be an awful lot of cruft :)
476. [21:10:33] <doctormo> johill: You know I still haven't managed to have much sucess with launchpad's openid system, it seems broken
477. [21:11:08] <johill> doctormo: dunno, I never tried, they only once wanted to hire me to do something possibly quite similar to what you're doing
478. [21:11:29] <johill> (well in the end they didn't want to any more)
479. [21:12:02] <doctormo> heh
480. [21:12:20] <doctormo> johill: want hiring to do something quite similar to what I'm doing?
481. [21:12:27] <doctormo> well commissioning.
482. [21:13:27] <johill> if it's not going to work anyway? ;)
483. [21:13:47] <johill> well I guess I can quickly test with my code
484. [21:14:12] <Chaz6> IGnatiusTFoobar: yeah, just a silly idea
485. [21:14:56] <Chaz6> IGnatiusTFoobar: unfortunately I just tried to add an OpenID and it did not work.. got redirected to the iDP and back again, but the openid did not appear on my account
486. [21:18:13] <Chaz6> Not sure if this is a bug or a feature, but Citadel doesn't bother checking whether the forward dns matches the reverse (e.g. on the "Who is online?" page)
487. [21:21:38] <johill> doctormo: works for me
488. [21:22:31] * SunWuKung (n=SunWuKun@S01060016cbc4c705.vc.shawcable.net) Quit ()
489. [21:23:28] * SunWuKung (n=SunWuKun@S01060016cbc4c705.vc.shawcable.net) has joined #openid
490. [21:24:35] <johill> doctormo: with and without discovery
491. [21:25:36] <Chaz6> Is there anyone here from certifi.ca?
492. [21:26:20] * dothebart (n=willi@xdsl-213-196-243-10.netcologne.de) has joined #openid
493. [21:26:28] <dothebart> hy everybody...
494. [21:26:41] <johill> doctormo: it's actually https://login.launchpad.net/ though
495. [21:26:50] <dothebart> I'd like to know which license is the openid logo at?
496. [21:27:29] <doctormo> johill: that is what I use, and don't forget I tested it with PBWiki so I know the concept works
497. [21:27:40] <dothebart> is it ok to redistribute it, and is it DFSG-compliant?
498. [21:28:11] <dothebart> i'm asking because of the citadel client implementation.
499. [21:28:43] <doctormo> johill: I'm very serious about paying you to fix this problem. I'm the leader of a loco and have plenty of stuff to do.
500. [21:35:11] <johill> doctormo: what exactly do you have in mind? it doesn't seem that much of a problem, weren't you using python and the janrain libs too?
501. [21:35:23] <johill> I mean, what would you want me to do? just write the openid code?
502. [21:35:31] <doctormo> johill: exactly, it shouldn't be a problem.
503. [21:35:38] <doctormo> Right just the openid code
504. [21:36:59] <doctormo> It just needs to auth, and I can get it to create user accounts of the fly and test for group-membership. I just need the 2 things from the sucess page the home page link and the name.
505. [21:38:31] <johill> does launchpad implement attribute exchange for that?
506. [21:40:48] <doctormo> unknown, it comes in html as far as I can see. you get a link like https://login.launchpad.net/+id/yxRPkwM which you could easily make a http request for the name and username link.
507. [21:41:01] <doctormo> Although if it does attibute stuff too then great
508. [21:41:45] <johill> I wouldn't rely on https://login.launchpad.net/+id/FtJpsPn redirecting to the right page
509. [21:42:09] <johill> it also does that as a meta-refresh, probably to make it hard to do in a program
510. [21:43:00] <doctormo> johill: We're only dealing with launchpad so it doesn't need to be that generic; although use it if everything else fails
511. [21:43:09] <doctormo> thoughts?
512. [21:46:58] * e_s_p (n=evan@modemcable100.199-203-24.mc.videotron.ca) Quit (Read error: 113 (No route to host))
513. [21:47:23] <johill> I wouldn't have any idea how to find out whether it supports AX and which attribute names it supports
514. [21:47:52] <doctormo> johill: You would have thought it would give you _some_ basic information without anything fancy.
515. [21:50:17] <johill> I don't see anything specified
516. [21:51:28] <dothebart> http://openid.net/logos/ <- this names the creator, but no license...
517. [21:51:43] <dothebart> is there any chance to get a clearer statement on that?
518. [21:52:53] <samsm> http://openid.net/pipermail/general/2007-January/001422.html
519. [21:53:01] <samsm> http://lists.danga.com/pipermail/yadis/2005-June/000990.html
520. [21:53:38] <samsm> There may be updates to that stuff ... beats me.
521. [21:57:38] <dothebart> hm... not that good yet :(
522. [21:58:18] <samsm> Could be sketchier. :)
523. [22:12:41] * brunascle (n=brunascl@38.113.17.3) Quit ()
524. [22:27:02] * equalspeterd (i=d1ad35e9@gateway/web/ajax/mibbit.com/x-d3c325f91dc149f8) Quit ("http://www.mibbit.com ajax IRC Client")
525. [22:32:16] * doctormo (n=doctormo@66.237.172.227.ptr.us.xo.net) Quit (Read error: 54 (Connection reset by peer))
526. [22:39:58] <_keturn> dothebart: try asking people in the Foundation. they ought to have a better answer.
527. [22:50:48] * SunWuKung (n=SunWuKun@S01060016cbc4c705.vc.shawcable.net) Quit ()
528. [22:58:48] * xpo (n=xpo@nat/af83/x-0e66813c50f6f7d7) Quit ()
529. [23:12:03] * metadaddy is now known as metadaddy_away
530. [23:28:52] * xpo (n=xpo@bgl93-2-82-226-41-47.fbx.proxad.net) has joined #openid
531. [23:41:44] * tudenbart (n=willi@xdsl-213-196-226-5.netcologne.de) has joined #openid
532. [23:58:47] * dothebart (n=willi@xdsl-213-196-243-10.netcologne.de) Quit (Read error: 110 (Connection timed out))
533. [23:58:47] * tudenbart is now known as dothebart

These logs were automatically created by OpenIDlogbot on chat.freenode.net using a modified version of the Java IRC LogBot.