IRC Log for #openid on 2010-01-01

Timestamps are in UTC.

  1. [00:38:14] * Kaliya (n=Adium@adsl-71-138-138-110.dsl.pltn13.pacbell.net) Quit ("Leaving.")
  2. [01:21:30] * kcraig (n=kcraig@c-76-25-205-27.hsd1.co.comcast.net) has joined #openid
  3. [02:05:18] * hachque (n=jrhodes@ppp198-201.static.internode.on.net) has joined #openid
  4. [02:05:36] <hachque> i need a name for a federated data and profile sharing extension to OpenID
  5. [02:05:43] <hachque> openaccount and openinfo dont have any domains available
  6. [02:06:26] * kcraig (n=kcraig@c-76-25-205-27.hsd1.co.comcast.net) Quit (Client Quit)
  7. [02:14:51] * mosites (n=mosites@67.136.127.15) has joined #openid
  8. [02:33:43] <karstensrage> what are you building?
  9. [02:36:20] * Kaliya (n=Adium@adsl-68-124-70-214.dsl.pltn13.pacbell.net) has joined #openid
  10. [02:37:05] <hachque> karstensrage: it's an extension to OpenID that allows identity providers to provide more information than the defined set of Sreg fields
  11. [02:37:11] <hachque> it allows clients to fetch information after login
  12. [02:37:18] <hachque> and it also allows client to write information back to the identity provider
  13. [02:37:29] <hachque> to store custom information about a user, or to update other fields (with the user's permission)
  14. [02:38:58] <karstensrage> if they are not defined apriori how do you request them?
  15. [02:39:12] <hachque> what do you mean?
  16. [02:39:18] <hachque> if they are not defined on the identity provider
  17. [02:39:24] <hachque> then the client recieves feedback telling it so
  18. [02:39:32] <hachque> but it doesn't matter that it doesn't exist
  19. [02:39:35] <hachque> because the client can prompt for it
  20. [02:39:38] <karstensrage> well i can query the sreg defined fields but i dont know about others
  21. [02:39:40] <hachque> and then save it to the identity provider
  22. [02:40:17] <hachque> as a client, it doesn't matter if you don't know the others
  23. [02:40:30] <hachque> you can check to see if the identity provider has it, if not, prompt the user and save it back again
  24. [02:41:55] <karstensrage> so client asks for blood type, your thing doesnt have it, client prompts user for blood type and you save it off for the next time?
  25. [02:42:57] <hachque> if the identity provider doesn't have it, the client will recieve an error saying the field isn't defined - the client can then prompt the user for the information on their site and then when they have entered it, the client can make a WriteInformation request
  26. [02:43:18] <karstensrage> hmm
  27. [02:43:28] <hachque> if the client doesn't have write access to that field though, they need to redirect to a page on the identity provider that prompts the user for permission first
  28. [02:43:35] <karstensrage> what problem are you solving?
  29. [02:43:50] <hachque> the problem of information being out of sync
  30. [02:43:52] <karstensrage> one client wants BloodType, one wants bType.. and you get into a mess of cruft
  31. [02:44:33] <hachque> yes and no
  32. [02:44:50] <hachque> clients can either write information to their own namespace, in which case, they don't need initial write permission
  33. [02:44:51] <hachque> e.g.
  34. [02:44:58] <hachque> if my client site is hosted at www.mysite.com
  35. [02:45:09] <hachque> then i can write fields that look like: www.mysite.com:fieldname
  36. [02:45:13] <hachque> without having to ask permission
  37. [02:45:24] <hachque> so sites can store information about a user for stuff specific for them
  38. [02:45:27] <karstensrage> <hachque> the problem of information being out of sync
  39. [02:45:35] <karstensrage> that doesnt solve the stated problem at all
  40. [02:45:43] <hachque> yes it does
  41. [02:45:48] <karstensrage> that just lets client store their own crap
  42. [02:46:01] <hachque> because the email address entered on the identity provider will be the same on all client sites
  43. [02:46:05] <hachque> same with the other fields
  44. [02:46:30] * Kaliya (n=Adium@adsl-68-124-70-214.dsl.pltn13.pacbell.net) Quit ("Leaving.")
  45. [02:46:46] <karstensrage> ok but how are you going to resolve myid@provider.com:www.mysite.com:BloodType and myid@provider.com:www.mysite.com:bType
  46. [02:46:54] <karstensrage> ok but how are you going to resolve myid@provider.com:www.mysite.com:BloodType and myid@provider.com:www.myothersite.com:bType
  47. [02:48:32] * mosites (n=mosites@67.136.127.15) Quit ()
  48. [02:48:50] <hachque> i have a few ways of solving this problem
  49. [02:48:53] <hachque> they aren't definite solutions
  50. [02:48:56] <hachque> but they should minimize it
  51. [02:49:21] <hachque> 1) for very common fields, providers can simply use aliases, e.g. real_name is mapped to fullname
  52. [02:50:15] <hachque> 2) maintain a list on the extension's site that lists registered fields - that way people wanting to use common information can lookup to see if there is already a defined name for the information they want
  53. [02:51:11] <hachque> 3) specify a naming format for identifiers, e.g. all words should be fully spelt, no capitalization, no underscores and no spaces
  54. [02:51:23] <hachque> obviously, these restrictions need not apply for the site's own namespace
  55. [02:51:39] <hachque> but for when writing into the global area those formats should be recommended
  56. [02:52:17] <hachque> the other thing this allows sites to do as well
  57. [02:52:31] <hachque> is "sort of" expose APIs to information
  58. [02:52:36] <hachque> but instead of each site having it's own API
  59. [02:52:52] <hachque> they have just list the information field names on their namespace
  60. [02:52:59] <hachque> for example
  61. [02:53:11] * flaccid (n=flaccid@CPE-58-164-67-248.lns1.ken.bigpond.net.au) has joined #openid
  62. [02:53:19] <hachque> say i have extremely popular website abc.com who use OpenID for authentication
  63. [02:53:27] <hachque> they can put their custom data into their namespace like
  64. [02:53:35] <hachque> abc.com:someimportantuserfield
  65. [02:53:37] <hachque> now
  66. [02:53:51] * Kaliya (n=Adium@adsl-68-124-70-214.dsl.pltn13.pacbell.net) has joined #openid
  67. [02:53:53] <hachque> any other website that also uses OpenID for authentication
  68. [02:54:09] <hachque> can then say, i want to read this bit of information relevant to that website
  69. [02:54:22] <hachque> and read abc.com:someimportantuserfield (with appropriate approval from the user)
  70. [02:54:29] <flaccid> what are you trying to achieve?
  71. [02:54:43] <hachque> the idea of the site namespaces are that you don't clutter up the global area with information only relevant to one site
  72. [02:54:51] <hachque> flaccid: it's an extension to OpenID
  73. [02:55:00] <hachque> federated data and profile sharing
  74. [02:55:07] <hachque> much more advanced than SReg
  75. [02:55:48] <flaccid> have you seen AX?
  76. [02:55:53] <hachque> no
  77. [02:56:18] <flaccid> check it out
  78. [02:57:54] <hachque> o ffs i wrote all that code for nothing
  79. [02:58:25] <karstensrage> lol
  80. [02:58:43] <hachque> how many sites actually use AX though?
  81. [02:59:13] <hachque> i mean, why is google and all those big identity providers galloping around with oAuth if AX already does the data sharing part?
  82. [03:00:10] <flaccid> auth != data exchange
  83. [03:00:33] <flaccid> you could use both, if you require auth
  84. [03:00:53] <hachque> i thought oAuth was for sharing data, but it required pre-shared keys between parties
  85. [03:01:21] <hachque> which makes it useless when you have hundreds of identity providers and thousands of relying parties
  86. [03:02:02] <flaccid> AX extends authentication
  87. [03:02:08] <flaccid> oAuth is authorisation
  88. [03:02:38] <hachque> does OpenID make oAuth useless then?
  89. [03:02:43] <hachque> if all oAuth does is authentication
  90. [03:02:57] <flaccid> authentication != authorisation
  91. [03:03:16] <flaccid> it all comes back to what you are trying to do
  92. [03:03:31] <hachque> how many providers actually have AX implemented though?
  93. [03:03:53] <hachque> i know that most libraries don't have AX functionality built in either
  94. [03:07:55] <hachque> huh..
  95. [03:07:56] <hachque> google does
  96. [03:08:12] <hachque> i just presumed that this never existed since no-one uses it
  97. [03:08:27] <flaccid> quite a few do, but i don't really know, you could research but
  98. [03:08:27] <hachque> stackoverflow doesn't use it
  99. [03:08:31] <hachque> ohloh doesn't use it
  100. [03:08:36] <flaccid> a lot of libs do have AX classes
  101. [03:08:56] <flaccid> well a lot of OPs don't do much extension wise/use the full power of openid
  102. [03:10:03] <flaccid> i'm going to do one with a lot of functionality soon. heh when i get the time. but there is no reason why you can't - the tools are all there. choose your lang..
  103. [03:10:03] <hachque> see i thought that websites had those Google buttons and all that because the login process also use oAuth
  104. [03:10:28] <hachque> and then they had the OpenID button if you were using just OpenID
  105. [03:10:38] <flaccid> depends which provider. google uses oAuth for some stuff, but i can't remember if they use it with openid auth
  106. [03:10:57] <hachque> and i was like, well that isn't going to work very well because then sites need to list every provider that they want to do data sharing with
  107. [03:11:05] <flaccid> well google forked openid, yes which is another whole story. iirc oauth is in there somewhere at least with fbc
  108. [03:11:21] <flaccid> i mean google connect or google friendsconnect whatever its called
  109. [03:12:15] <flaccid> yes. so the standard extensions are AX and SReg. if you do an RP or an OP that supports both, they will have access to all potentially shared data. oAuth can be used on top to grant RPs for example default data profiles
  110. [03:13:09] <flaccid> just start off with openid+sreg+ax and check what the OPs and RPs in question support and make sure you cover what they do
  111. [03:14:40] <hachque> if there is AX, why is there still SReg?
  112. [03:14:52] <hachque> i mean, wouldn't it be better to scrap SReg and replace with AX
  113. [03:21:01] <flaccid> well thats not a bad question. but in reality its hard enough for providers and RPs to even support one to begin with. a lot of the time they just do the openid auth and thats it
  114. [03:27:53] <hachque> the problem is that with SReg, there's libraries out there like phpMyID, etc.. which only do SReg
  115. [03:28:00] <hachque> when really, they should be supporting AX and not SReg
  116. [03:28:05] <hachque> because AX supersedes it really
  117. [03:33:16] <hachque> the other problem you have is
  118. [03:33:25] <hachque> site owners like me, who have very data rich sites
  119. [03:33:37] <hachque> see OpenID as being unable to perform what is needed
  120. [03:33:46] <hachque> and don't adopt it
  121. [03:33:49] <hachque> for that very reason
  122. [03:34:09] <hachque> after all, if the user still have to enter in a fair amount of information, then the only thing it provides is universal authentication
  123. [03:34:39] <hachque> and it really isn't worth navigating the terribly undocumented source code of the JanRain libraries to do that
  124. [03:54:58] <flaccid> phpMyID is not a library. its basically crap. checkout php-openid
  125. [03:55:28] <flaccid> the janrain libs are documented and have examples in them
  126. [03:55:37] <hachque> JanRain is so overcomplicated and undocumented
  127. [03:55:40] <hachque> it's not funny
  128. [03:55:59] <flaccid> thats because its php. python-openid rox
  129. [03:56:08] <hachque> with JanRain it takes weeks if not months to implement an identity provider
  130. [03:56:13] <flaccid> if you can't read phpdocumentor then it seems out of your depth
  131. [03:56:22] <hachque> phpdocumentor?
  132. [03:56:32] <flaccid> it took me about 5minutes to setup an OP with the example/provider
  133. [03:56:40] <hachque> there's no examples ._.
  134. [03:57:00] <flaccid> http://openidenabled.com/files/php-openid/docs/2.1.3/
  135. [03:57:19] <flaccid> this comes with the library archive http://openidenabled.com/php-openid/trunk/examples/server/server.php
  136. [03:57:38] <hachque> look how many classes there are o_O
  137. [03:57:55] <hachque> why is there not just a single class that has some functions that you call to make it work
  138. [03:58:00] <flaccid> yeah so thats the object implementation. its an OOP library after all
  139. [03:58:09] <flaccid> because openid is not that simple.
  140. [03:58:19] <hachque> the only thing i actually used JanRain for was the check_authentication proces
  141. [03:58:24] <flaccid> it would be bad programming to implement 1 class
  142. [03:58:40] <hachque> i did everything else manually in my implementation because i couldn't understand what each and every function did in all of the JanRain classes
  143. [03:58:55] <flaccid> i'm really not seeing a problem. an example is provided out of box and the code is quite small for the driver program and is separate from the libs themselves
  144. [03:59:18] <hachque> the server example is terrible
  145. [03:59:26] <flaccid> yes i agree it is bad
  146. [03:59:32] <flaccid> php is bad to begin with
  147. [03:59:41] <hachque> PHP isn't bad if you use OO
  148. [04:00:17] <flaccid> so that looks like a contradiction to me. php-openid is OOP
  149. [04:00:25] <hachque> like SimpleOpenID
  150. [04:00:39] <flaccid> another example of a badly designed piece of software
  151. [04:00:48] <hachque> how is it badly designed?
  152. [04:00:57] <hachque> i don't have to wad through documentation or poorly written examples
  153. [04:01:01] <hachque> i can look at the function names
  154. [04:01:04] <hachque> and know what i need to do
  155. [04:01:27] <flaccid> and because it is one class, its support scope is incredibly limited
  156. [04:01:44] <flaccid> from memory it is quite outdated
  157. [04:02:38] <hachque> but at least it's understandable
  158. [04:02:45] <hachque> with JanRain, i have no idea what it's doing
  159. [04:02:56] <hachque> it's not like
  160. [04:03:06] <hachque> here call this function at this stage
  161. [04:03:09] <hachque> and call this other function here
  162. [04:03:11] <hachque> and your done
  163. [04:03:12] <flaccid> you can't extend that class very well
  164. [04:03:14] <hachque> it's
  165. [04:03:29] <hachque> wad through a whole bunch of shit and try and trace how the JanRain PHP code actually matches up with what the spec says
  166. [04:03:37] <flaccid> yes. this is what a library is. the library is documented. if you don't understand it, unfortunately thats your limitation
  167. [04:03:56] <hachque> no, the limitation is JanRain
  168. [04:03:59] <hachque> it's not organised well
  169. [04:04:06] <flaccid> sure. but they are providing it for free
  170. [04:04:18] <flaccid> complainers don't fit well in open source
  171. [04:04:35] <hachque> it's certainly not helping adoption of OpenID though
  172. [04:04:53] <flaccid> yes i agree. just remember they are a commercial company and need to pay their employees
  173. [04:05:25] <flaccid> the basic situation, is you have the option to improve openid support. janrain isn't the only library out there also
  174. [04:05:45] <hachque> yes, but as you just said, the other libraries are outdated / only support SReg / etc..
  175. [04:05:55] <flaccid> thats right
  176. [04:06:00] <flaccid> you can change that
  177. [04:06:21] <hachque> how?
  178. [04:06:34] <flaccid> if http://wiki.openid.net/Run-your-own-identity-server is not suffice. well you can develop or improve one of your choice
  179. [04:06:47] <flaccid> isn't this the power of open source
  180. [04:06:54] <flaccid> contribute back ..
  181. [04:07:03] <hachque> but there isn't enough documentation on the specs to roll my own
  182. [04:07:29] <hachque> like right here: http://openid.net/specs/openid-authentication-1_1.html#mode_check_authentication
  183. [04:07:36] <hachque> check_authentication is a bitch
  184. [04:07:39] <hachque> i followed the specs
  185. [04:07:42] <hachque> and my implementation did not work
  186. [04:07:46] <flaccid> the specification is all you need if you know how to program etc. there is also thousands of pages on the internet you can research. hacking the openid libs helped me understand the spec
  187. [04:08:00] <flaccid> i have no idea why you are doing openid 1.1
  188. [04:08:09] <hachque> ?
  189. [04:08:14] <flaccid> http://openid.net/specs/openid-authentication-2_0.html
  190. [04:08:32] <flaccid> http://openid.net/specs/openid-authentication-2_0.html#compat_mode
  191. [04:08:40] <hachque> probably because most of the libraries available only do 1.1
  192. [04:09:26] <hachque> well, see even 2.0 has check_authentication
  193. [04:10:20] <hachque> http://stackoverflow.com/questions/1481114/openid-checkauthentication-not-working
  194. [04:10:25] <hachque> that question is from months ago
  195. [04:10:28] <flaccid> have a look at this http://wiki.openid.net/Libraries?SearchFor=libraries&sp=1
  196. [04:10:55] <flaccid> http://www.openidenabled.com/php-openid/ supports openid 2.0, sreg and ax
  197. [04:10:58] <hachque> as stated, i don't like using libraries if they are too bloated for me to be able to read them and understand what's going on
  198. [04:11:13] <hachque> i should be able to look at the source code
  199. [04:11:14] <hachque> read the comments
  200. [04:11:19] <hachque> and go, i know what this does
  201. [04:11:25] <flaccid> i am aware of that check/immediate. its not implemented in the example. but if you understand the workflow, you can implement it
  202. [04:11:48] <hachque> ?
  203. [04:12:03] <flaccid> openid is not simple. you also have to work with what you have. complaining to me aint going to change the situation you know
  204. [04:12:15] <hachque> okay
  205. [04:12:16] <hachque> well
  206. [04:12:25] <hachque> since check_authentication is the only part i don't understand why it won't work
  207. [04:12:39] <hachque> can you tell me why http://stackoverflow.com/questions/1481114/openid-checkauthentication-not-working gets a check_authentication denied from RPs?
  208. [04:14:13] * flaccid looks
  209. [04:14:25] <flaccid> ah yeah sorry this is dif issue to the check_immediate
  210. [04:15:00] <hachque> i don't even know what check_immediate is :'
  211. [04:16:44] <flaccid> i think you have to debug this one. mainly around: When using "check_authentication", the OP MUST NOT issue more than one successful response to a request with the same value for "openid.response_nonce".
  212. [04:17:21] <flaccid> check if the OP already issued a [openid_mode] => check_authentication against that nonce
  213. [04:17:26] <hachque> huh?
  214. [04:17:34] <hachque> but if i'm validating with an RP for the first time
  215. [04:17:41] <hachque> i should not get check_authentication denied
  216. [04:17:54] <hachque> i shouldn't get check_authentication denied at all, since i'm approving in all cases
  217. [04:19:02] <flaccid> thus debug
  218. [04:19:14] <flaccid> i've tested the php-openid OP and RP examples against each other and they don't have this problem
  219. [04:19:33] <hachque> i did debug
  220. [04:19:41] <hachque> what you see in the stackoverflow post is the debugging information
  221. [04:21:39] <flaccid> thats not enough. like i said, debug both the RP and the OP. check the RP's source code to see what condition is making it return denied..
  222. [04:22:30] <hachque> tracing the relying party error would involve looking inside JanRain
  223. [04:22:42] <hachque> and that source code is impossible to debug
  224. [04:22:52] <flaccid> welcome to php
  225. [04:22:59] <flaccid> but its not that hard
  226. [04:23:01] <hachque> it's not PHP that causes that problem
  227. [04:23:12] <hachque> it's the fact that JanRain has function calls flying left right and center
  228. [04:23:19] <flaccid> php does not provide traceback so it sux
  229. [04:23:43] <flaccid> the object inheirtence is crazy. but once again, you have to work with what you have
  230. [04:24:20] <flaccid> complaining gets you nowhere.
  231. [04:25:49] <hachque> i know, but it doesn't change the fact they are valid points and someone that actually understands this stuff should rectify the problem
  232. [04:27:00] <flaccid> they should?
  233. [04:27:00] <flaccid> the problem that you can't read documentation?
  234. [04:28:23] <flaccid> there is a bug tracker if you find the bug with this denied auth. http://trac.openidenabled.com/trac/newticket?project=php-openid and you can submit a patch when you make the fix: http://www.openidenabled.com/contribute/
  235. [04:31:18] <hachque> yes they should because i don't understand how this all works - and the documentation for OpenID is shit as I've said
  236. [04:33:00] <flaccid> why should they?
  237. [04:34:18] <flaccid> why don't you tell them.. openid@janrain.com
  238. [04:34:20] <hachque> because it's impossible to just pick up OpenID and implement it in a website
  239. [04:34:36] <flaccid> they will probably offer you RPX
  240. [04:34:54] <hachque> ?
  241. [04:35:08] <flaccid> ??
  242. [04:35:11] <hachque> ???
  243. [04:35:15] <hachque> what's RPX?
  244. [04:35:28] <flaccid> http://rpxnow.com/
  245. [04:35:46] <hachque> so it's an alternative to OpenID?
  246. [04:36:01] <flaccid> no, its an openid solution
  247. [04:36:10] <flaccid> its essentially SaaS
  248. [04:36:51] <hachque> oh okay
  249. [04:37:24] <hachque> so they probably wont improve the docs on it then since they want to direct people to RPX
  250. [04:37:31] * flaccid (n=flaccid@unaffiliated/flaccid) Quit (Read error: 104 (Connection reset by peer))
  251. [04:37:39] * flaccid (n=flaccid@CPE-58-164-67-248.lns1.ken.bigpond.net.au) has joined #openid
  252. [04:38:04] <flaccid> meh im on dodgy wi-fi atm
  253. [04:38:40] <hachque> well i've wasted too much time on my OpenID extension to spend more time on an easy-to-use OpenID library
  254. [04:38:58] <flaccid> well that is your choice
  255. [04:39:07] <flaccid> not everything is easy you know :)
  256. [04:39:47] <hachque> but it should be ._.
  257. [04:39:59] <hachque> i don't understand why OpenID is as complex as it is
  258. [04:40:07] <flaccid> you have big expectations
  259. [04:40:27] <hachque> i wrote my own cross-server authentication and it doesn't require all this Yadis or SHA1 encryption stuff
  260. [04:40:31] <flaccid> its complex because its a real tech that uses practices like crypto to make it secure
  261. [04:40:49] <flaccid> well congrats there, its likely not secure
  262. [04:41:11] <flaccid> and essentially you did the bad practice of a fork or reinvention of the wheel. but that is also your choice
  263. [04:41:34] <hachque> it was as secure as OpenID
  264. [04:41:41] <hachque> you couldn't verify yourself as someone else
  265. [04:42:14] <flaccid> don't you think its ironic that you were complaining about openid support, yet you made your own 'openid' that is not supported anywhere
  266. [04:42:38] <hachque> that's because i didn't realise that it was possible to implement data sharing as an extension to OpenID
  267. [04:42:54] <hachque> so i thought i didn't have any choice but to redo that area
  268. [04:43:02] <flaccid> ok then. i recommend a little bit more research next time
  269. [04:43:23] <hachque> my research involves downloading examples :P
  270. [04:43:34] <hachque> when i was downloading examples, none of them used AX
  271. [04:43:48] <hachque> i didn't even know about AX until this conversation today
  272. [04:44:11] <flaccid> i have no idea why you would expect examples to be available for everything
  273. [04:44:12] <hachque> cos later on i realised i could attach a field to the OpenID authentication
  274. [04:44:34] <hachque> that field points to a URI which is an XML document describing the endpoints for data sharing
  275. [04:44:43] <hachque> because i learn by examples
  276. [04:44:55] <flaccid> not a great habit
  277. [04:44:55] <hachque> i learn best by reading code that others have implemented
  278. [04:45:10] <hachque> i don't learn by reading specs or wads or documentation
  279. [04:45:23] <hachque> or searching through 20 files to find out where that function is defined
  280. [04:45:27] <flaccid> if thats the case, i have idea what your problem is because all the code is given to you and is open source
  281. [04:45:32] <hachque> if there's a nice linear example
  282. [04:45:37] <flaccid> well i am sorry, that is the status quo
  283. [04:45:42] <hachque> then i'm all good
  284. [04:45:44] <flaccid> accept it.
  285. [04:46:05] <flaccid> and..
  286. [04:46:05] <hachque> but it doesn't have to be status quo
  287. [04:46:09] <flaccid> i found this with my first google search: http://stackoverflow.com/questions/1183788/example-usage-of-ax-in-php-openid
  288. [04:46:40] <hachque> google search of what?
  289. [04:46:46] <flaccid> sure, and like i said, you have the opportunity to change that. don't imply that it is the responsibility of other people.
  290. [04:47:07] <flaccid> google:// attribute exchange php-openid
  291. [04:47:10] <flaccid> probably the most basic keyword search
  292. [04:47:34] <hachque> except that i had no idea that attribute exchange even existed
  293. [04:47:45] <flaccid> sure
  294. [04:47:54] <hachque> not to mention that stackoverflow is dated Jul 26 whereas my original implementation was started at the beginning of this year
  295. [04:48:58] <flaccid> i'm sorry that you didn't find data exchange in your research. i found it very early on when i started my interest in openid
  296. [04:49:18] <hachque> maybe it just wasn't popular at the start of 2009 then
  297. [04:49:39] <flaccid> its because SReg was there from openid 1
  298. [04:50:08] <flaccid> good providers/parties will implement and update as required. this is also problem in adoption as we have identified
  299. [04:50:20] <hachque> and i only ever looked at OpenID 1.1 ._.
  300. [04:51:17] <flaccid> well first google search of openid specification brings you to http://openid.net/developers/ which mentions both the version and also sreg and ax
  301. [04:51:37] <flaccid> it links you practically to all you need to get started
  302. [04:53:11] <hachque> yeah
  303. [04:53:24] <hachque> maybe it's just that Attribute Exchange doesn't scream Read/Write Data Sharing at me :P
  304. [04:56:29] <hachque> o_O JanRain libraries are throwing PHP warnings
  305. [05:06:15] <flaccid> heh i think they say its normal
  306. [05:06:32] <flaccid> lower your err output levels
  307. [05:06:45] <flaccid> don't have to worry about that with python :)
  308. [05:13:59] * Kaliya (n=Adium@adsl-68-124-70-214.dsl.pltn13.pacbell.net) Quit ("Leaving.")
  309. [05:21:48] * Kaliya (n=Adium@adsl-68-124-70-214.dsl.pltn13.pacbell.net) has joined #openid
  310. [05:26:43] <flaccid> hey hachque i have a test op and rp from php-openid examples if you wanna test?
  311. [05:29:19] <flaccid> hachque: i tested an auth and it was successful including sreg
  312. [05:30:17] * mosites (n=mosites@67.136.127.15) has joined #openid
  313. [05:30:21] * mosites (n=mosites@67.136.127.15) Quit (Remote closed the connection)
  314. [05:32:19] <hachque> flaccid: i dont have the code that produced that anymore
  315. [05:32:24] <hachque> i replaced it with calls to JanRain
  316. [05:32:39] <flaccid> sounds like you hacked up stuff
  317. [05:33:20] <hachque> anything to get it working ;D
  318. [05:33:32] <flaccid> it does work
  319. [05:33:41] <hachque> works fine with JanRain
  320. [05:33:44] <flaccid> the two URLs i gave you are out of box
  321. [05:33:48] <hachque> it just didn't work with my maunal implementation
  322. [05:33:59] <hachque> i already know the current implementation i have works
  323. [05:34:05] <flaccid> your manual implementation appears to be where the problem is
  324. [05:34:21] <hachque> well i presumed it would be something as simple as a missing parameter or incorrect value
  325. [05:34:32] <flaccid> bad assumption
  326. [05:34:39] <hachque> what else could it have been?
  327. [05:34:49] <hachque> i mean, that's the only thing there is
  328. [05:34:57] <hachque> parameters and values :P
  329. [05:35:46] <flaccid> i don't support hacked up 'manual' implementations, especially when only http response/requests are given to work with
  330. [05:36:13] <flaccid> there is a lot more to look at then just one request/response. more occurs than just that
  331. [05:36:31] <flaccid> either way, i couldn't replicate the problem
  332. [06:08:16] * hachque (n=jrhodes@ppp198-201.static.internode.on.net) has left #openid
  333. [06:36:27] * flaccid (n=flaccid@unaffiliated/flaccid) Quit (Read error: 110 (Connection timed out))
  334. [07:18:06] * flaccid (n=flaccid@unaffiliated/flaccid) has joined #openid
  335. [07:58:24] <flaccid> anyone up on the latest python/django wise for openid? i think i am going to have to port/rewrite a lot to work with at least django 1.1?
  336. [08:26:09] * Kaliya (n=Adium@adsl-68-124-70-214.dsl.pltn13.pacbell.net) Quit ("Leaving.")
  337. [09:41:26] * singpolyma (n=singpoly@87.255.125.26) has joined #openid
  338. [10:31:24] * singpolyma (n=singpoly@87.255.125.26) Quit (Read error: 104 (Connection reset by peer))
  339. [12:25:03] * daedeloth (n=daedelot@ip-83-134-155-42.dsl.scarlet.be) has joined #openid
  340. [13:25:03] * daedeloth (n=daedelot@ip-83-134-155-42.dsl.scarlet.be) Quit (Remote closed the connection)
  341. [13:30:49] * daedeloth (n=daedelot@ip-83-134-155-42.dsl.scarlet.be) has joined #openid
  342. [13:49:44] * daedeloth (n=daedelot@ip-83-134-155-42.dsl.scarlet.be) Quit (Remote closed the connection)
  343. [13:58:39] * xpo (n=xpo@bearstech/xpo) has joined #openid
  344. [17:06:40] * mosites (n=mosites@67.136.127.15) has joined #openid
  345. [17:16:32] * niekie (i=quasselc@CAcert/Assurer/niekie) has joined #openid
  346. [18:20:27] * Kaliya (n=Adium@adsl-68-124-70-214.dsl.pltn13.pacbell.net) has joined #openid
  347. [19:56:38] * samba (n=samba@c-71-193-166-135.hsd1.or.comcast.net) has joined #OpenID
  348. [20:00:04] * daedeloth (n=daedelot@ip-83-134-155-42.dsl.scarlet.be) has joined #openid
  349. [20:43:13] * Kaliya (n=Adium@adsl-68-124-70-214.dsl.pltn13.pacbell.net) Quit ("Leaving.")
  350. [21:29:32] * xpo (n=xpo@bearstech/xpo) Quit ("see yas")
  351. [22:37:18] * dwhittle (n=dwhittle@c-67-180-8-147.hsd1.ca.comcast.net) has joined #openid
  352. [22:44:42] * dwhittle (n=dwhittle@c-67-180-8-147.hsd1.ca.comcast.net) Quit ("...")
  353. [22:54:13] * flaccid (n=flaccid@unaffiliated/flaccid) Quit ()
  354. [22:58:49] * Kaliya (n=Adium@adsl-68-124-70-214.dsl.pltn13.pacbell.net) has joined #openid
  355. [23:28:08] * Kaliya (n=Adium@adsl-68-124-70-214.dsl.pltn13.pacbell.net) has left #openid
  356. [23:29:05] * xpo (n=xpo@bearstech/xpo) has joined #openid

These logs were automatically created by OpenIDlogbot on chat.freenode.net using a modified version of the Java IRC LogBot.