[ANN] NameID - Use namecoin id/ to log into OpenID sites

Post Reply
domob
Posts: 1129
Joined: Mon Jun 24, 2013 11:27 am
Contact:

[ANN] NameID - Use namecoin id/ to log into OpenID sites

Post by domob »

I already mentioned it on another thread, but now I feel confident to "officially" announce my current namecoin project: https://nameid.org/ This is an OpenID identity provider, where login does not work by registering an account there and using a password, but instead via signing a challenge message with your id/-name private key. You can even associate certain details with your name (like email address) if you want, and have this handed forward when you sign into an OpenID-enabled site. (Although I'm planning to improve the current system for controlling this.)

Please consider this really as a very, very early alpha-stage. It works for me from a technical point of view (I tried for instance authenticating with StackExchange but also run some tests from http://test-id.org/), but a lot of stuff needs to be addressed before it can really be considered usable:
  • The page layout is non-existent. It would be great if someone is interested to help me out with graphical design and working on a logo, since I'm not talented in that respect. (Also, I'll probably split the lots of information on the start page into different pages to make it more digestable.)
  • The connection is not yet TLS-encrypted. This will definitely come in the future, but I have to get around some problems with my hosting to make it work. (In particular I need a second IP for my server (or a separate VPS for nameid) because I already use TLS for some other site on the same IP.)
  • There's not yet a .bit domain set up. I already own nameid.bit and myid.bit (id.bit and openid.bit would be nice, too, but both are already taken by someone else), yet have to update the name to point to the correct IP. However, the OpenID identifier will still be nameid.org since the relaying party connects to it directly and this will probably fail for .bit domains.
  • To actually log in, you have to manually sign a challenge message at the moment - which means using namecoin-qt's "signmessage" on the commandline, and before that, figuring out the address connected to your name. I plan to implement a browser plugin to do that for you (but you still need namecoin-qt installed).
  • I plan to separate the key used to sign into NameID from the key that owns your id/-name so that you don't have to use that "more precious" key all the time and can instead store it safely away. The idea is to provide a specification for how to link public keys (another namecoin address or maybe even a GnuPG key) to your id/ which will then be recognized by NameID in addition to the real private key of the name.
  • You have to register your id/ somewhere else, I don't provide that service (and don't plan on doing it). After all, you and only you should own the private key. So it will still be probably quite hard for someone new to namecoin to use it, even when the browser plugin will be there. But maybe namecoin-qt could add a feature to easily register identities (or is it already there?).
I really hope this can be a useful service, and help boast namecoin usage in general as well as the specific use-case of id/ in particular. (I find that to be a really interesting use beside domains.) Feel free to test out and let me know about any problems you find and suggestions you have - or if you want to help with any of the issues mentioned above (or anything else).
Last edited by domob on Mon Jul 15, 2013 6:40 am, edited 1 time in total.
BTC: 1domobKsPZ5cWk2kXssD8p8ES1qffGUCm | NMC: NCdomobcmcmVdxC5yxMitojQ4tvAtv99pY
BM-GtQnWM3vcdorfqpKXsmfHQ4rVYPG5pKS
Use your Namecoin identity as OpenID: https://nameid.org/

jjg
Posts: 8
Joined: Tue Jun 18, 2013 1:38 am
os: linux

Re: [ANN] NameID - Use namecoin id/ to log into OpenID sites

Post by jjg »

This looks extremely useful, thank-you for building it and I'll be taking it for a spin shortly!

jjg
Posts: 8
Joined: Tue Jun 18, 2013 1:38 am
os: linux

Re: [ANN] NameID - Use namecoin id/ to log into OpenID sites

Post by jjg »

Ran into a snag domob,

My namecoind doesn't seem to have the "signmessage" method; is there a certain version I need or is that perhaps in a fork, etc.?

khal
Site Admin
Posts: 708
Joined: Mon May 09, 2011 5:09 pm
os: linux

Re: [ANN] NameID - Use namecoin id/ to log into OpenID sites

Post by khal »

jjg wrote:Ran into a snag domob,

My namecoind doesn't seem to have the "signmessage" method; is there a certain version I need or is that perhaps in a fork, etc.?
It is only in namecoin-qt for now (go to about, debug console).
I've no excuse for it not being included in namecoind, as I've created the first version of signmessage/verifymessage in bitcoin :D
NamecoinID: id/khal
GPG : 9CC5B92E965D69A9
NMC: N1KHAL5C1CRzy58NdJwp1tbLze3XrkFxx9
BTC: 1KHAL8bUjnkMRMg9yd2dNrYnJgZGH8Nj6T

Register Namecoin domains with BTC
My bitcoin Identity - Send messages to bitcoin users
Charity Ad - Make a good deed without paying a cent

khal
Site Admin
Posts: 708
Joined: Mon May 09, 2011 5:09 pm
os: linux

Re: [ANN] NameID - Use namecoin id/ to log into OpenID sites

Post by khal »

Here is my reply, moved from the other thread :
domob wrote:I'm working on a project to make the id/ namespace more useful. In particular, I have a half-working implementation of an OpenID identity provider which allows anyone holding an id/ name to sign in. You don't (and can't) have to register with the site and don't have a password, rather you have to sign in with a private key signature of the address holding your id/ name. Once the provider is fully working, one can immediately use one's namecoin id to sign into millions of OpenID enabled sites on the web - which I find pretty cool.

In the future there may be more options to sign in, for instance with a different NMC address or even a PGP key, where the public key is stored in your id/ name at a special field to mark it is public key for authenticating this identity. I also plan to implement a browser plugin, which automates the challenge message signature for ease of use. (At the moment one has to find the address corresponding to the name first, and then use the command-line to signmessage the challenge.)

If someone is interested to test the alpha version or help out with designing the page / a logo, please let me know! The code will be GPLv3 (free software of course), so anyone can set up another identity provider based on the same idea and code, so that this can be as decentralised as possible.
Interesting project.
What will be the login for the name "id/khal" for example, on your provider ? on other providers ?

Your code will be GPLv3, but in which language ? :p

The forum could support openid with this plugin, so we could integrate it at some point :
https://www.phpbb.com/community/viewtop ... &t=1883675
NamecoinID: id/khal
GPG : 9CC5B92E965D69A9
NMC: N1KHAL5C1CRzy58NdJwp1tbLze3XrkFxx9
BTC: 1KHAL8bUjnkMRMg9yd2dNrYnJgZGH8Nj6T

Register Namecoin domains with BTC
My bitcoin Identity - Send messages to bitcoin users
Charity Ad - Make a good deed without paying a cent

domob
Posts: 1129
Joined: Mon Jun 24, 2013 11:27 am
Contact:

Re: [ANN] NameID - Use namecoin id/ to log into OpenID sites

Post by domob »

khal wrote:
domob wrote:I'm working on a project to make the id/ namespace more useful. In particular, I have a half-working implementation of an OpenID identity provider which allows anyone holding an id/ name to sign in. You don't (and can't) have to register with the site and don't have a password, rather you have to sign in with a private key signature of the address holding your id/ name. Once the provider is fully working, one can immediately use one's namecoin id to sign into millions of OpenID enabled sites on the web - which I find pretty cool.

In the future there may be more options to sign in, for instance with a different NMC address or even a PGP key, where the public key is stored in your id/ name at a special field to mark it is public key for authenticating this identity. I also plan to implement a browser plugin, which automates the challenge message signature for ease of use. (At the moment one has to find the address corresponding to the name first, and then use the command-line to signmessage the challenge.)

If someone is interested to test the alpha version or help out with designing the page / a logo, please let me know! The code will be GPLv3 (free software of course), so anyone can set up another identity provider based on the same idea and code, so that this can be as decentralised as possible.
Interesting project.
What will be the login for the name "id/khal" for example, on your provider ? on other providers ?
You can type in 'nameid.org' (or http://nameid.org/) in the OpenID login box, it will then redirect to my site where you have to enter 'khal' and sign the challenge. Afterwards you will be identified as 'http://nameid.org/?name=khal' (this is BTW also a valid link and shows your "profile" with the stuff you have in your id/ name).
khal wrote:Your code will be GPLv3, but in which language ? :p
The server is in PHP, using the php-openid library. (It is already available on gitorious.org, the link is somewhere on the main page.) The Firefox plugin I'm working on right now will be (obviously) in JavaScript. Maybe in the far future a mobile client (Android / Java) might also be interesting, but for that we first need a namecoin Android application. That would be an interesting project by itself ... do you have any idea how far bitcoinj can be used for namecoin? Since in my opinion namecoin is not primarily about payments, it would maybe even make sense to have a non-wallet client first which "just" provides name-lookup either based on a cloud server (easy?) or by handling the block-chain itself (harder?). Every time I think about namecoin, there are so many interesting things that come to my mind.... :D
khal wrote:The forum could support openid with this plugin, so we could integrate it at some point :
https://www.phpbb.com/community/viewtop ... &t=1883675
That would be cool! :D
BTC: 1domobKsPZ5cWk2kXssD8p8ES1qffGUCm | NMC: NCdomobcmcmVdxC5yxMitojQ4tvAtv99pY
BM-GtQnWM3vcdorfqpKXsmfHQ4rVYPG5pKS
Use your Namecoin identity as OpenID: https://nameid.org/

ninjarobot
Posts: 40
Joined: Tue Jun 04, 2013 4:59 am

Re: [ANN] NameID - Use namecoin id/ to log into OpenID sites

Post by ninjarobot »

Fantastic project!

Who said namecoin should restrict itself to domain names? The are so many more name related use cases. Open Identity being a very good one.

Will try this one out when I find some time! (hopefully this Sunday)

domob
Posts: 1129
Joined: Mon Jun 24, 2013 11:27 am
Contact:

Re: [ANN] NameID - Use namecoin id/ to log into OpenID sites

Post by domob »

ninjarobot wrote:Fantastic project!

Who said namecoin should restrict itself to domain names? The are so many more name related use cases. Open Identity being a very good one.

Will try this one out when I find some time! (hopefully this Sunday)
Nice to hear all that optimistic feedback! As a quick update, I've managed to work out how to write Firefox addons and have already code to recognize a NameID login form, but the link to namecoind and actually signing the challenge is not yet there. Will hopefully come soon, so that it is actually usable without all that hassle about command-line and copying back and forth the strings.
BTC: 1domobKsPZ5cWk2kXssD8p8ES1qffGUCm | NMC: NCdomobcmcmVdxC5yxMitojQ4tvAtv99pY
BM-GtQnWM3vcdorfqpKXsmfHQ4rVYPG5pKS
Use your Namecoin identity as OpenID: https://nameid.org/

virtual_master
Posts: 541
Joined: Mon May 20, 2013 12:03 pm
Contact:

Re: [ANN] NameID - Use namecoin id/ to log into OpenID sites

Post by virtual_master »

It is a simple but genial idea like the egg of Columbus.
I wonder why nobody implemented until now.
It could gain more importance than the domain system.
Would be possible to to make an additional field in the qt-client to ask the id/somebody ?
Then it wouldn't be the same problem as with the domain names if your server is falling out.
Fortunately here it is also more easy to solve it because it is not so much data as by a domain.
Integrating it into Bitmessage and OpenID would also give a great boost to the id/ system.
http://namecoinia.org/
Calendars for free to print: 2014 Calendar in JPG | 2014 Calendar in PDF Protect the Environment with Namecoin: 2014 Calendar in JPG | 2014 Calendar in PDF
BTC: 15KXVQv7UGtUoTe5VNWXT1bMz46MXuePba | NMC: NABFA31b3x7CvhKMxcipUqA3TnKsNfCC7S

domob
Posts: 1129
Joined: Mon Jun 24, 2013 11:27 am
Contact:

Re: [ANN] NameID - Use namecoin id/ to log into OpenID sites

Post by domob »

virtual_master wrote:Integrating it into Bitmessage and OpenID would also give a great boost to the id/ system.
I hope so, that's why I'm working on those. ;) (And I'm looking forward to using both for myself, too.)
BTC: 1domobKsPZ5cWk2kXssD8p8ES1qffGUCm | NMC: NCdomobcmcmVdxC5yxMitojQ4tvAtv99pY
BM-GtQnWM3vcdorfqpKXsmfHQ4rVYPG5pKS
Use your Namecoin identity as OpenID: https://nameid.org/

Post Reply