[Standards] Login with OpenID

Randy Turner rturner at amalfisystems.com
Mon Sep 3 19:21:51 UTC 2012


Yes, I understand that a GSS-API implementation isn't required, but the GS2 header usage in the non-GSS case starts introducing it a bit early, although I understand there is some genericity to the information included in this header…

My only concern with the draft (albeit a quick read) is that I saw a sentence that says:

"The client now sends the URL it received to a browser for processing. "

I would rather not have to rely on a browser, if possible.  I think OpenID Connect supports a pure REST API  model.

Randy


On Sep 3, 2012, at 10:06 AM, Alexey Melnikov <alexey.melnikov at isode.com> wrote:

> 
> On 03/09/2012 17:58, Randy Turner wrote:
>> Looked at this draft, and it is based on traditional OpenID and GSS-API (an API I've never been a fan of :)
> 
> You don't need to implement or use GSS-API in order to implement the RFC.
> 
>> I'm wondering is something more API/REST-friendly like a solution based on OpenID Connect might be more attractive…
>> 
>> http://openid.net/connect
>> 
>> Randy
>> 
>> 
>> On Sep 3, 2012, at 3:24 AM, Peter Saint-Andre wrote:
>> 
>>> -----BEGIN PGP SIGNED MESSAGE-----
>>> Hash: SHA1
>>> 
>>> On 9/2/12 12:35 PM, Ivan Martinez wrote:
>>>> Hello all, I'm thiking of making it possible to log into my XMPP
>>>> server with OpenID accounts. Is there any existing standard about
>>>> this?. I have seen the discussion from June 2009:
>>>> 
>>>> http://mail.jabber.org/pipermail/jdev/2009-June/thread.html#87693
>>>> 
>>>> Peter talked about working in a new draft, how did it turn out?.
>>> Some other folks worked on that, and it turned into RFC 6616:
>>> 
>>> https://datatracker.ietf.org/doc/rfc6616/
>>> 
>>> It was published only a few months ago, so probably it is not yet
>>> widely implemented in SASL libraries or in XMPP servers and clients.
>>> 
>>> Peter
>>> 
>>> - -- Peter Saint-Andre
>>> https://stpeter.im/
>>> 
> 
> 

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.jabber.org/pipermail/standards/attachments/20120903/f6695ee3/attachment.html>


More information about the Standards mailing list