rawlinson – us

OpenID and Subscriptions

I have added a new feature to the site; OpenID, and reimplemented the site subscription functionality. If you are already subscribed to the blog then you don’t have to do anything – but you can unsubscribe now if you want :O). If you don’t know what OpenID is, and you are curious then please, read on. Otherwise just ignore the remainder of this post.

If you follow the link to OpenID you may not really understand what value this feature offers – or how you can really use it to make your life easier. I’m going to try and explain the power of OpenID as simply as possible. If you have questions about the technology then please, leave a comment and I’ll do my best to answer it.

The basic idea behind OpenID is that you don’t have to have a unique account at every site you go to. Instead you can just login with your OpenID account. That actually says a lot and no matter how I try to explain it the true power is kind of lost so I’ll provide you with an example first.

Before I can start the example let’s assume you already have an OpenID account. I’ll cover what these acccounts are and how to get one later. Ok, now that that is out of the way lets pretend you wanted to login to a website like Ma.gnolia.com (a real website that supports OpenID). You would go to their login page and type your OpenID into the OpenID field of their login form then click the login button. Ma.gnolia.com would then send you off to the OpenID server where your account is to login. At that point you would just type in your OpenID password. Assuming you typed in the correct password the OpenID server would send you back to Ma.gnolia.com where you would be logged in. Mag.nolia.com never needs you to create an account with them, they never know your password, and you can come back to Mag.nolia.com and login the same way everytime. The cool thing is you could use the same OpenID to login to this blog (or to post a comment on this post). The same event would take place – you would enter your OpenID then you would be sent to the OpenID server to login, then you would be sent back here officially logged in – one account would let you use two vastly different services. The coolest thing is each time a site adds OpenID support you won’t have to do anything special – you will be able to login with your OpenID there.

Now that we have put the cart before the horse of telling you how to use your OpenID I should tell you how to get one. The cool thing is there are a lot of different places that have OpenID servers. Once you have created an account on one of those servers you can then head off to your favorite sites and try to login with your OpenID.

So, you may be wondering, how does this work? Well, your OpenID looks a lot like a webpage address (because that is exactly what it is) – it doesn’t matter if people know your OpenID address so long as you keep your password safe (created when you made your OpenID account) and you don’t have to keep using the same OpenID server. If one shuts down, or you decide you don’t trust the one your using anymore, you just recreate your OpenID account on a new server. There is a small trick to this but I’ll explain that in a second. Basically once you have the OpenID (the URL) the site you’re trying to login to will redirect to that URL – that URL needs to be associated with the OpenID server you’re account is on (more on this when I cover that small trick). Once the redirect has happened the OpenID server will login you in and then send back just the information you say it can send back to the origional site you were trying to login and a flag indicating if you logged in successfully. Once that original site gets the green flag they then have to send a confirmation message back to the server (extra security to make sure the confirmation message didn’t come from an intermediary. The site you are trying to login to will have an account setup that is associated with your OpenID so that you can build a history on that site just like you do now, the only difference is you never had to provide the basic profile information, username, or password to the site you want to use, the OpenID server manages all that for you.

OK, so you may be wondering, what’s the trick. Well when you create an OpenID ideally you will create one that points to a location you know isn’t going away anytime soon. For instance my OpenID is http://rawlinson.us/bill. That’s it. I know it isn’t going anywhere because I own this domain name and I don’t plan on ever letting it go. If my family wants one later I can just set them up with one later. However, my OpenID account isn’t on rawlinson.us – it’s on an actual OpenID server at http://claimId.com. The cool thing is all I had to do was put up a simple let page at http://rawlinson.us/bill that tells any website trying to login me with my OpenID where to look for my OpenID server. Now, technically, I could just use the URL that my OpenID server gave me – but, what if I decide to leave that server? Well, then I’d have to create a whole new OpenID and all the accounts I have associated with my first one would be dead. That wouldn’t work very well. So with the technique I’m using (http://rawlinson.us/bill) I only have to update the page there to point to the new server and all my accounts are unaffected by my decision to change providers. It is really really cool.

OpenID is fairly new, however it is starting to get more and more traction. I have been following it almost since it’s inception (off and on) and I think it is a pretty cool solution to a growing problem (to many logins to keep track of). Hopefully more and more sites will join the OpenID movement so that it is truly a universal login! For now, I’m doing my part by having it here.

If you are in my family and want to setup an OpenID then just let me know and I can help you do so.