[Log In] []

Exploring the science and magic of Identity and Access Management
Tuesday, July 23, 2024

OpenID: Sun Style

Author: Mark Dixon
Wednesday, June 6, 2007
7:42 pm

I claimed my very own OpenID identifier at OpenID.sun.com today.

To test my newly minted personal URL, I visited some sites where I didn’t previously have a login account, including ziki.com and peopleaggregator.net, and some sites where I had already established an account, including netscape.com and technorati.com. OpenIDDirectory listed these sites among the many which allowed OpenID authentication.

The first three worked just fine the first time around. I couldn’t find a way to log into Technorati using my OpenID indentifier.

I did find one bug. If I waited too long before logging into a site and then tried to use the service to access another site, I got a message saying that my session had timed out (which is all goodness). But when I returned to the login page and presented my user name and password, I was re-directed to the first site I had visited, rather than the one where I was now trying to log in. Oops! A persistent variable needs to be updated somewhere.

I am not yet aware of a site that really cares that OpenID.sun.com can vouch for the fact that I am a Sun employee. Maybe that will emerge now that the OpenID@Sun is in place.

Technorati Tags: ,


4 Responses to “OpenID: Sun Style”

    OpenID has a number of critics, most of whom concentrate on 1) vulnerability to phishing, 2) lack of requirement for secure transmission, and 3) dependence on DNS, which has a number of security vulnerabilities.

    Comment by Terry Gardner on June 7, 2007 at 5:48 am


    Thanks for your comments. I believe OpenID has value for fairly low value transactions, but certainly does not appear to be appropriate for financial tranactions or other high value applications.


    Comment by Mark Dixon on June 7, 2007 at 7:00 am

    You might find ClaimID.com will allow you to confirm to the public “I am a Sun employee” (with your openid listed publically). Only for those that didn’t know already 🙂

    Comment by John Drinkwater on June 7, 2007 at 8:30 am


    Thanks for your reference to ClaimID. I claimed my Sun OpenID identifier here:

    It can’t be verified in the normal claimID way by embedding an html snippet in the page to which the identify refers, but if you click on the link on ClaimID, it is verified by the Sun identity provider.

    Thanks again,


    Comment by Mark Dixon on June 8, 2007 at 4:49 am

Copyright © 2005-2016, Mark G. Dixon. All Rights Reserved.
Powered by WordPress.