doing as told – with webid + openid


image

1. Get yourself a WebID.
2. Visit a space on the InterWeb that supports OpenID based authentication.
3. When challenged for your OpenID URL simply provide a URL in the following form: http://id.myopenlink.net/openid-proxy/id.vsp?w={Your-WebID}.

see https://plus.google.com/112399767740508618350/posts/f4n6tAuPcE6#112399767740508618350/posts/f4n6tAuPcE6

 

Let’s do the steps, just as stated.

1 says get a webid.

Ok. I choose my own profile and one of its names: http://yorkporc.blogspot.com/2011/11/2uri.html#me.

image

Ok its ugly as hell, but who cares. It’s a technology demo. It will grade C on an exam (for various flaws that came about as I edited it, over and over for special cases). But, it SHOULD still work (not that such matters in an academic exam).

2 says visit an openid relying party.

Well, what better site than the openid foundation.

image

see  https://openid.net/foundation/members/ (and choose the signin, and openid option). note the cute little trick folks stole from the cardspace UI (blocking the modal window beneath, and doing a gray out). Hardly the same assurance, though!

 

3 say use a constructed URI for the claimed identifier

in my case, that is

http://id.myopenlink.net/openid-proxy/id.vsp?w=http://yorkporc.blogspot.com/2011/11/2uri.html#me

for fun, I made a short URI of it, since I cannot type:  http://tinyurl.com/7w8mvem

image

 

ok. To test, doing as the speaker wanted, to start with.

image    image

where before I clicked sign in, I ensured that the webid works (since some dick will probably say I’m lying, subverting, cheating or otherwise being improper).

The first result is (very positively) a challenge for my cert (though the display is a bit off-putting, and I don’t know to WHOM I’m releasing the cert)

image

When I release it, I do find out though!

image

on accept, it goes into hyperspace (and the browser disappeared).

If I trace second run upto the point of accept:

image

somethink funky then goes on with SSL and amazon web services.

image

 

The net result is

image

When I try my tinyURI,

image image

the result is good (in the redirect sense), and the end result is largely the same (openid RP objects, for unknown reasons).

what can we reason?

First, the relying party was WILLING to consume the OP’s metadata (so there is core trust in the SEPs in the XRDS).

Second, the challenge obviously happened by demanding a client certs

Third, there is evidence the webid passed the smell test (as we got a approve screen)

Fourth, something went wrong in the assertion handoff back to the RP, or the RP didn’t like the name form. In the latter case,  it didn’t like either of two possible name forms.

Trying a different option of the webids in the cert:-

http://id.myopenlink.net/openid-proxy/id.vsp?w=http://yorkporc.blogspot.com/

Net result is the same:

image

I wonder if the openlink IDP is consuming my card’s foaf:openid property (when asserting) and its wrong?

wordpress comment review, given URI commenting property:

on using http://id.myopenlink.net/openid-proxy/id.vsp?w=http://yorkporc.blogspot.com/ as the URI in a wordpress.com comment, its interesting to see what happens in the comments review section

image

Not sure what is going on here!

About these ads

About home_pw@msn.com

http://yorkporc.wordpress.com/about-2/
This entry was posted in webid. Bookmark the permalink.

Leave a Reply

Please log in using one of these methods to post your comment:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s