Friday, March 2. 2007OpenID and InfoCards coming to SerendipityTrackbacks
Trackback specific URI for this entry
No Trackbacks
Comments
Display comments as
(Linear | Threaded)
Perusing your site, and reading a forum topic on your OpenID plugin (and your mention of Infocards)... Am I right in assuming Infocard is a Microsoft technology that is a competing, similar protocol using a different strategy? I'd do a search, but I fear I would find much more technical babble than a clear comparison.
Hi Brendon,
They are more complimentary than competing imo. A lot of people might disagree with me, but I see OpenID geared more towards social networking situations. You want single sign on with the capability of having an identifier (you URL) that is publicly known and traceable across different sites. Infocard on the other hand can provide more security and privacy, which makes it great for commercial applications. The payload of an infocard can carry almost any type of information making it much more flexible and powerful, again imo Take a look at this diagram from Eve Maler to see how they overlap yet also provide different features: http://www.xmlgrrl.com/blog/archives/2007/03/28/the-venn-of-identity/ You might also want to take a look at the "Introducing Windows CardSpace" paper from Microsoft (http://msdn2.microsoft.com/en-us/library/aa480189.aspx). Make sure you differentiate between CardSpace (MS selector) and Infocard when reading it. I personally use the xmldap selector for firefox (http://xmldap.org/) as it runs on Linux too. Note: It does require Firefox 2.0+ to work.
Hmm, I'd personally prefer keeping the information in the authors table as sort of a cache. You'd have an additional field that would contain the necessary information so that the user information could be rechecked. Then the plugin or whatever does the auth could do scheduled runs to invalidate accounts that are no longer valid in the remote site either. Probably a dumb idea but I'd be happy to be told hear the arguments if you're against it.
|