Tuesday, September 09, 2008

My OpenID Provider wishlist

I have yet to find an OpenID Provider that offers all that OpenID has to offer.  Though some come awfully close, myopenid.com most notably. 

  1. Multiple personas
    1. Attribute Exchange support (using the correct type URIs), including both ordinary persona information and allowing RPs to push attributes up.
    2. Simple registration support
  2. Unsolicited assertions to any RP I name
    1. ordinary, and
    2. using a user-supplied Claimed Identifier (that is, one that delegates to this OP, but isn't controlled by the OP)
    3. A home page full of customizable bookmarks, including to RPs in which an unsolicited assertion rests in the link so I just click and I'm logged into the site automatically.
  3. Authentication options that include:
    1. InfoCard,
    2. X.509,
    3. telephone,
    4. one-time use passwords, where more can be obtained using cell phone text messages, etc., and
    5. other password alternatives that allow login from strange and untrusted consoles.
  4. Good normalization of identity page URL, always to an https: URL, removing/correcting unnecessary path and querystring variations via redirects
  5. Highly customizable trust settings and history of RPs logged into.
  6. URI recycling
  7. Built-in support for XRIs and free community i-names.
  8. Directed identity support, including optional pair-wise unique claimed identifiers for select RPs
  9. A page that generates an HTML snippet to copy into a delegate URL.
  10. Allow customization of the identity XRDS file to allow for refs so that the file can be imported into another (larger) XRDS file of the user's own hosting.

Ideal OP, are you out there?

No comments:

Post a Comment