I took some time today to learn about OpenID.

Is it just me or are these newfangled web protocols both much harder to learn and much more poorly specified than traditional internet protocols? Alternately, perhaps I'm getting too old. :-)

Anyway, it's seems to be Not Evil, and I look foward to being able to log into wikis and other sites without having to register separately on each one. Although I note that it punts the spam and abuse problem to some as-yet unimplemented policy layer. After all, there's no mapping between an OpenID and an actual person, just between an OpenID and a web page somewhere. Although there is the potential for someone to do something interesting with an OpenID server that only gives out OpenIDs to people with verified gpg keys.

As my own little gesture toward spreading OpenID, I've added an openid plugin to ikiwiki.

There's a $5000 bounty for implementing OpenID support in free software projects, but I don't think I can collect on it, since it's limited to projects that have tens of thousands of users, and with 30 registered ikiwiki users, my userbase is a few magnitudes too small. Oh well..

FWIW, my personal OpenID is http://joey.kitenet.net/.


Update after some more hacking: Even nicer, ikiwiki can now be set up to use only OpenID for authentication, and not mess with passwords at all. I also added support for the MyOpenID.com affiliate program, which lets users jump from the wiki to creating an OpenID, and back smoothly. My personal wiki is now configured like this.

discussion