You are here: FIDIS Interactive > FIDIS Database on IMS > 

FIDIS Interactive

More about this database.

Database on Identity Management Systems

Back

“OpenID (Version: n/a)”:

Manufacturer of the IMS

  • OpenID Foundation (OIDF)
  • URL: (Visit Homepage)
  • Nature of provider / distributor: private
  • Nationality of the manufacturer: N/A

Type of the IMS / Class of the IMS

  • Type of the IMS: Type 3
  • Class of the IMS: N/A

Supported languages

  • N/A

References for the IMS

Is the IMS an open/closed IMS?

State of IMS deployment

Distribution of the IMS

Geographic scope

Is the IMS an open/closed IMS?: Open

State of IMS deployment: Concept

Distribution of the IMS: N/A

Geographic scope: Global

Hard and software requirements of the IMS

Web server with CGI capacity

Installed base of the IMS (Userbase)

not deployed yet

Interoperability and supported standards

Protocol is standardised

Server-side component(s)

Web server with CGI capability

Client-side component(s)

Description of functionality / features (client and server)

The goal of OpenID is not to authenticate a user, but to tie articles on interactively created web pages to names and URLs. When a users creates an article on a web page (e.g. a comment or guestbook entry), she supplies the web server with an URL.

The server fetches an HTML document from the URL and parses it for a "link" tag with "rel" attribute "openid.server". The value of this attribute is the URL of a CGI script. The server forces the browser to connect the CGI with a list of parameters.

The CGI checks if the user is signed on at the moment and if she wants the requesting server to know that she is signed on. If so, the CGI replies with a redirect to a CGI on the requesting server. This redirect contains, among other parameters, a signed statement about the identity of the user. Note that in this

context, an identity is not a real name. The requesting server then checks if the parameters are valid and the signature is correct. Note that there is no assumption about a global PKI in this scheme, the keys are fetched by the servers.

The protocol does not help to certify authorship of a real person, it only makes it harder to forge comments on participating web sites. A similiar scheme is IDme (http://www.downes.ca/idm.htm).

Main functionality

Tie identities to articles in web-logs (aka blogs)

Purchase costs in EUR

0 (Open source)

Flow charts of the IMS

Screenshots of the IMS

Other file resources

N/A

Evaluator of the IMS

Martin Meints (ICPP)

General Comments (free text)

Actual Versions of Finalized Specifications according to openid.net/developers/specs/

OpenID Authentication 2.0
OpenID Attribute Exchange 1.0
OpenID Authentication 1.1
OpenID Simple Registration Extension 1.0

Back (This Record was last updated on: 17-04-2008 13:52)