Wednesday 24 January 2007

OpenId and Comments

I've finally taken the step forward and setup comments on my blog. I require a login to post comments to mitigate spam, but rather then create a whole crappy registration system, I have "OpenID enabled" my blog.

Being an OpenID consumer is pretty easy. Especially since there's this facility called "simple registration" such that the OpenID server can provide a lot of common registration fields. The one I use, for example, is "nickname". Rather then lots of form input from the user, I just request the data from the OpenID server and use that instead. Very nice.

All-in-all, building a comment system in to my blog was pretty easy. They're not syndicated, but I'm okay with that. It's just enough to allow some discussion.

Monday 15 January 2007

New Year and New Identity

I've finally taken the plunge and setup an OpenID. After humming and hawing for a while, I came across this blog where the author explains how to setup your personal site (blog or whatever) to be a proxy for an OpenID. Well, I knew about this in the past, it was really some of the other stuff on his site that convinced me to create an OpenID.

First of all, it is important to understand what this "identity" does and doesn't do. It's a bit, well, it's a bit of an existential problem. "Who" am I? And "who" are you? If you give me your name and I give you mine, what do we know about eachother? Not much. As it turns out, that's basically what you get with an OpenID. A name, nothing more, nothing less.

As it turns out, following the above blog is a good illustration for how an OpenID works and what it does, so:

  1. Go to and register for an OpenID,

  2. Configure your homepage as a proxy for that OpenID,

  3. Go to a site that supports OpenID, like LiveJournal, and post a comment.

Okay, in "step 1", you create your identity. This is like getting your Social Insurance Number or passport. It's your official identity. It's like having your name and number on a little plastic card only in this case, the "number" is actually a URL for your OpenID. Mine is Just like a SIN number, it's kind of a pain to remember, but after using it enough times, you'll remember it ;)

Now "step 2" isn't really necessary. However, just like in real life, my "official" name isn't really the name I like to use everyday. My SIN card says "Joseph Dominic" but I prefer "Dominic Joseph", so I setup a proxy for regular everyday use. Following the instructions in the blog (which involves adding two lines to my blog), I have setup my preferred name ( to be equivalent to my "official" name.

Now in "step 3", I actually use this identity which really shows how this all works. I go to LiveJournal and when I post a comment, it asks me "who are you?" Rather then debate "who" or even "what" am I, just just give my preferred name ( My name doesn't *really* mean anything, it's just something that's going to show up in my comment so anyone that actually knows me will say "hey, Dominic left this message, I know that guy!" Now LiveJournal is a bit of a stickler. It requires my official identity so what the site does is it goes to my identity page, the one, and tries to get my identity verified. What it finds is that my given identity is not my real identity and so LiveJournal gets redirected to my real OpenID, Once it gets there, doesn't just hand over my information, it requires me to a) login, and b) authorized LiveJournal to access my identity. So if I'm happy with handing my SIN over to LiveJournal, I login and confirm that LiveJournal should be able to get my "official" identity.

And that's it. An OpenID is just a name and some sort of verifiable "official" number.

There are many things that an OpenID does not do. It does not create an account for every site. Like for LiveJournal, you don't get a blog just by having an OpenID because you need more then an identity for that, like some web space and such. It doesn't stop spammers, they can register any number of OpenIDs they want to spam you. It doesn't make you anonymous on the web, neither does it reveal any more information then you give.

However, for even these "flaws", having an identity helps address the problems. You may not get a blog on LiveJournal, but you can comment on LiveJournal without a blog. It also can make registering for LiveJournal easier. It may not prevent spammers, but if you could keep an OpenID address book, then you would have a better idea of who's messages were legit, and who's were spam. And even though your "identity" doesn't hide itself, it's just a URL. It doesn't say who you are.

I hope that eventually, OpenIDs will replace all the crappy centralized identities, .Net passport, we're talking about you here, and eventually have wide adoption on the web. It's useful enough that I will use one, but I think it should, and could, become ubiquitous someday.

And that's all I have to say about OpenID.

Popular Posts