About Archive Tags RSS Feed


Entries tagged openid

You like playing rough, huh?

29 September 2008 21:50

According to my small business advisor it is possible to advertise your company, service, or product on the internet.

Who knows what gem of advice they'll offer next?

In unrelated news all mail delivered to me personally in HTML-only format(s) will be dropped. I've given up being patient.

Finally OpenID - what a pain it is to implement! I've fought with it over the weekend, in amongst rewiring my lighting. Setting up a Perl script to authenticate to an OpenID server is just gnarly. (I now have motion-sensitive lighting in my bathroom, which my kitten loves, and radio controlled lighting in the bedroom. Lazyness is ..)

ObQuote: Resident Evil Extinction

| 1 comment


Just some kind of fairytale.

24 January 2009 21:50

Once upon a time I ran a Valentine-Matching site for Livejournal users. (Actually I did it for about three years in a row, but then got bored.)

The basic idea was simple, you'd visit a magical site and it would present you with the usernames of all your friends. You'd tick a few boxes, and that would nominate those users as your potential valentines.

Then you'd do nothing until February 14th, at which point you'd discover if you matched. A match being made if you chose bob, and bob chose you in return.

(Essentially the site is a big double-blind matching system, albeit with constrained membership, via lj.)

The major technical difficulty in early days was preventing spoofed accounts. I didn't want Evil Alice to be able to visit the site and pretend to be Bob. In the couple of years I did this I came up with a couple of fun schemes to minimize the chances of this occuring - anything from using email validation, to requiring that users taking part updated their profiles to include a magic cookie-string, or posting to a specific community which I could later screen-scrape.

These days the use of openid allows me to prevent spoofing in a trivial manner - and once I realised that I figured why the hell not?!

In short here I am and here we go again:

The motivation? Playing with openID and because I still like to "match people up". I am aware of one marriage that resulted from a match on my system back in 2003. There could be more.

If you're a long-time reader you might remember ctrl-alt-date - how time flies - I just let the domain name(s) expire this week. The timing is a little bit of a coincidence, but not entirely.

The only thing that I'm doing this time is not sending emails on matches, because I just can't. Unless I asked people to volunteer their mail addresses I don't have the data. Still I expect remembering to return for the results won't be a challenge.

Now, lets get viral. But not in an icky fashion ..

ObFilm: Daywatch

| No comments


Is that the smallest you have?

15 June 2009 21:50

Between 2002 and 2009 I was an active member of livejournal but recently I removed all my content, deleted my account, and then ceased using the service.

Unfortunately I had to un-delete the account after a week, as I suddenly realised that I'd used the URL skx.livejournal.com as an OpenID identifier.

(A few sites, such as stackoverflow, only use OpenID for handling accounts. So I just entered the livejournaly one without really thinking it through.)

Anyway the upshot of this is that I've hacked up a "quick" Perl OpenID handler, and I can now authenticate as www.steve.org.uk.

"Quick"? Well the thing about OpenID is that it is complex. More complex than you'd expect. (Common theme, here?)

I've now coded an OpenID consumer (again pretty livejournal-specific!) and an OpenID server - and both times the lack of documentation made the process annoying, fiddling, and more difficult than it should be:

So why something for me? Well if you're going to use OpenID then the whole premise is that you'll centralise. That means that you'll use the same identity everywhere - suddenly if your provider goes bust, gets bought out, or is compromised all the sites you use with it are vulnerable.

If I'm going to use OpenID I want the confidence that it is under my control. Completely. (Delegation does solve that to a certain extent; but not exclusively.)

Finally: No, Debian-Administration.org will not accept OpenID logins. Ask me to justify that sometime. In a pub. You're buying ...

ObFilm: Lolita