[ANN] NameID - Use namecoin id/ to log into OpenID sites
-
- Posts: 7
- Joined: Thu Jul 04, 2013 4:52 pm
Re: [ANN] NameID - Use namecoin id/ to log into OpenID sites
thanks to all developers of that great project!
Re: [ANN] NameID - Use namecoin id/ to log into OpenID sites
Thanks for the encouragement!LiteCoinGuy wrote:thanks to all developers of that great project!
Quick status update: I now have a working prototype of the Mozilla add-on which allows to sign in by just entering the id and clicking "submit" (without manually signing the challenge message) as long as you have namecoind running locally with the correct private key in your wallet. It still lacks a preferences screen though where you can set the connection details for your namecoind.
BTW, if you like the project, I'm still looking for help in particular designing a good page layout and also logo. Please feel free to contact me if you have some talent in this area and want to help out!
BTC: 1domobKsPZ5cWk2kXssD8p8ES1qffGUCm | NMC: NCdomobcmcmVdxC5yxMitojQ4tvAtv99pY
BM-GtQnWM3vcdorfqpKXsmfHQ4rVYPG5pKS
Use your Namecoin identity as OpenID: https://nameid.org/
BM-GtQnWM3vcdorfqpKXsmfHQ4rVYPG5pKS
Use your Namecoin identity as OpenID: https://nameid.org/
-
- Posts: 541
- Joined: Mon May 20, 2013 12:03 pm
- Contact:
Re: [ANN] NameID - Use namecoin id/ to log into OpenID sites
I tried it and it works even better than the .bit domain system.
That could be our breakthrough like some others also suggested.
NameID: virtualmaster
Email Address test Email
XMPP test Jabber
Bitcoin Address test BTC
Namecoin Address test NMC
But gpg and bitaddress not supported.
May I suggest something ?
Could you introduce at least the bitmessage field as suggested by Khal also ?
http://dot-bit.org/Namespace:Identity
Further suggestions:
- gpg support
- we could ask on the Litecoin forum also if they are interested to have a litecoin field in the namespace identity
That could be our breakthrough like some others also suggested.
NameID: virtualmaster
Email Address test Email
XMPP test Jabber
Bitcoin Address test BTC
Namecoin Address test NMC
But gpg and bitaddress not supported.
May I suggest something ?
Could you introduce at least the bitmessage field as suggested by Khal also ?
http://dot-bit.org/Namespace:Identity
Further suggestions:
- gpg support
- we could ask on the Litecoin forum also if they are interested to have a litecoin field in the namespace identity
http://namecoinia.org/
Calendars for free to print: 2014 Calendar in JPG | 2014 Calendar in PDF Protect the Environment with Namecoin: 2014 Calendar in JPG | 2014 Calendar in PDF
BTC: 15KXVQv7UGtUoTe5VNWXT1bMz46MXuePba | NMC: NABFA31b3x7CvhKMxcipUqA3TnKsNfCC7S
Calendars for free to print: 2014 Calendar in JPG | 2014 Calendar in PDF Protect the Environment with Namecoin: 2014 Calendar in JPG | 2014 Calendar in PDF
BTC: 15KXVQv7UGtUoTe5VNWXT1bMz46MXuePba | NMC: NABFA31b3x7CvhKMxcipUqA3TnKsNfCC7S
Re: [ANN] NameID - Use namecoin id/ to log into OpenID sites
Thanks for the feedback! Of course I'll work out more of the identity page fields. (These are simple to add, and were not really the focus of my work so far.) IMHO Litecoin address should already be there. I'll add bitmessage for sure, and also the GPG key seems like a good thing. Note though that I don't consider the identity pages to be the most important feature, which is the OpenID login instead (obviously). AFAIK the fields shared with the site you log in to are standardised (although I'm not sure about them), so sites don't really expect to receive a GPG key or BM address anyway.virtual_master wrote:I tried it and it works even better than the .bit domain system.
That could be our breakthrough like some others also suggested.
NameID: virtualmaster
Email Address test Email
XMPP test Jabber
Bitcoin Address test BTC
Namecoin Address test NMC
But gpg and bitaddress not supported.
May I suggest something ?
Could you introduce at least the bitmessage field as suggested by Khal also ?
http://dot-bit.org/Namespace:Identity
Further suggestions:
- gpg support
- we could ask on the Litecoin forum also if they are interested to have a litecoin field in the namespace identity
Currently I'm still working on the login addon, until that is done, I consider this to be not really useful ... the login with manual signing is too troublesome. But hopefully it will be fixed soon!
BTC: 1domobKsPZ5cWk2kXssD8p8ES1qffGUCm | NMC: NCdomobcmcmVdxC5yxMitojQ4tvAtv99pY
BM-GtQnWM3vcdorfqpKXsmfHQ4rVYPG5pKS
Use your Namecoin identity as OpenID: https://nameid.org/
BM-GtQnWM3vcdorfqpKXsmfHQ4rVYPG5pKS
Use your Namecoin identity as OpenID: https://nameid.org/
Re: [ANN] NameID - Use namecoin id/ to log into OpenID sites
I have now a first version of my Mozilla add-on to release: http://nameid.org/NameIdLogin-0.1.1a.xpi (You can also check out the Git repository, where I tagged "firefox-0.1a" and signed with my GPG key 04F7CF52, as seen also in id/daniel and (with incorrect JSON) in id/domob.)
When this add-on is installed and you open a page that contains a NameID login form (as http://nameid.org/?view=login does), it allows to handle all the signing for you. Just enter your ID, click "Submit" and enter your namecoind passphrase (if you have one). This still needs namecoin-qt so the signmessage command is available, and you have to ensure that the connection settings are correct (can be configured in the Add-On's preferences).
Under GNU/Linux, it should try to guess the connection settings correctly (like my Bitmessage patch does), but since I don't have a Windows or OS X system to test, I couldn't implement finding the correct path to namecoin's configuration directory there. If you want to help me support those operating systems, too, let me know! (But manually configuring the username/password should work for all systems.)
If you have some time, please try it out and let me know whether it works for you! The add-on is still very rough (with some ideas for improvements already in the pipeline), but should work basically already and IMHO this new step makes NameID finally quite usable for practical purposes.
EDIT: Update add-on link to bugfix release of today.
When this add-on is installed and you open a page that contains a NameID login form (as http://nameid.org/?view=login does), it allows to handle all the signing for you. Just enter your ID, click "Submit" and enter your namecoind passphrase (if you have one). This still needs namecoin-qt so the signmessage command is available, and you have to ensure that the connection settings are correct (can be configured in the Add-On's preferences).
Under GNU/Linux, it should try to guess the connection settings correctly (like my Bitmessage patch does), but since I don't have a Windows or OS X system to test, I couldn't implement finding the correct path to namecoin's configuration directory there. If you want to help me support those operating systems, too, let me know! (But manually configuring the username/password should work for all systems.)
If you have some time, please try it out and let me know whether it works for you! The add-on is still very rough (with some ideas for improvements already in the pipeline), but should work basically already and IMHO this new step makes NameID finally quite usable for practical purposes.
EDIT: Update add-on link to bugfix release of today.
Last edited by domob on Thu Jul 11, 2013 7:57 pm, edited 1 time in total.
BTC: 1domobKsPZ5cWk2kXssD8p8ES1qffGUCm | NMC: NCdomobcmcmVdxC5yxMitojQ4tvAtv99pY
BM-GtQnWM3vcdorfqpKXsmfHQ4rVYPG5pKS
Use your Namecoin identity as OpenID: https://nameid.org/
BM-GtQnWM3vcdorfqpKXsmfHQ4rVYPG5pKS
Use your Namecoin identity as OpenID: https://nameid.org/
Re: [ANN] NameID - Use namecoin id/ to log into OpenID sites
Interesting work. So I looked into it a little, took it for test drive, etc but would you mind clarifying a few things for me?
1) All requests for logins at any of the millions of OpenID-enabled websites need to get routed through your server nameid.org correct ?
2) Do you have a privacy policy for the handling (storage, collection, analysis, etc) of the meta data of which ID's are logging in to which sites using nameID?
1) All requests for logins at any of the millions of OpenID-enabled websites need to get routed through your server nameid.org correct ?
2) Do you have a privacy policy for the handling (storage, collection, analysis, etc) of the meta data of which ID's are logging in to which sites using nameID?
Re: [ANN] NameID - Use namecoin id/ to log into OpenID sites
Yes, that's correct. That's simply how OpenID works. However, the full source code to the website is available, thus you can ensure for yourself that I don't store anything (except the standard Apache server logs which I usually discard after a month or so, too) - or, just set up your own server somewhere with the code if you are concerned.moa wrote:Interesting work. So I looked into it a little, took it for test drive, etc but would you mind clarifying a few things for me?
1) All requests for logins at any of the millions of OpenID-enabled websites need to get routed through your server nameid.org correct ?
2) Do you have a privacy policy for the handling (storage, collection, analysis, etc) of the meta data of which ID's are logging in to which sites using nameID?
Note that the project is still in a very early alpha phase, so you shouldn't rely on it anyway (at least not until I enable HTTPS for it, obviously). I will also write a short note or FAQs about my storage policy somewhere at some time, just haven't come around to it yet.
BTC: 1domobKsPZ5cWk2kXssD8p8ES1qffGUCm | NMC: NCdomobcmcmVdxC5yxMitojQ4tvAtv99pY
BM-GtQnWM3vcdorfqpKXsmfHQ4rVYPG5pKS
Use your Namecoin identity as OpenID: https://nameid.org/
BM-GtQnWM3vcdorfqpKXsmfHQ4rVYPG5pKS
Use your Namecoin identity as OpenID: https://nameid.org/
Re: [ANN] NameID - Use namecoin id/ to log into OpenID sites
Thanks ... just needed clarification in my mind how it all works. I've never used OpenID and have actually actively avoided using it since I have no idea how it works ... and default position is "... if Google is involved, steer clear if you value privacy ..." but that's interesting, anyone could run their own server and be able to use OpenID via namecoinID ... great work figuring this out btw.domob wrote:Yes, that's correct. That's simply how OpenID works. However, the full source code to the website is available, thus you can ensure for yourself that I don't store anything (except the standard Apache server logs which I usually discard after a month or so, too) - or, just set up your own server somewhere with the code if you are concerned.moa wrote:Interesting work. So I looked into it a little, took it for test drive, etc but would you mind clarifying a few things for me?
1) All requests for logins at any of the millions of OpenID-enabled websites need to get routed through your server nameid.org correct ?
2) Do you have a privacy policy for the handling (storage, collection, analysis, etc) of the meta data of which ID's are logging in to which sites using nameID?
Note that the project is still in a very early alpha phase, so you shouldn't rely on it anyway (at least not until I enable HTTPS for it, obviously). I will also write a short note or FAQs about my storage policy somewhere at some time, just haven't come around to it yet.
Re: [ANN] NameID - Use namecoin id/ to log into OpenID sites
Your point is of course still valid, with OpenID, your identity provider gets to know every site you login to (the other privacy problem I see with it is that if the same operator runs two sites, he/she can by design easily connect to accounts at both sites to the same identity - although that is of course at the moment also possible when I sign in to both as "domob" or with my email address).moa wrote:Thanks ... just needed clarification in my mind how it all works. I've never used OpenID and have actually actively avoided using it since I have no idea how it works ... and default position is "... if Google is involved, steer clear if you value privacy ..." but that's interesting, anyone could run their own server and be able to use OpenID via namecoinID ... great work figuring this out btw.
In the future, a site may decide to directly support a login via Namecoin address signature - this seems like a good thing to me if sites are willing to implement that themselves (rather than just using OpenID) because it bypasses that problem. This is something that can also be done in a straight-forward way both for the site using my existing code as well as for the user, who can just keep using the Mozilla add-on to sign into those sites as well.
BTC: 1domobKsPZ5cWk2kXssD8p8ES1qffGUCm | NMC: NCdomobcmcmVdxC5yxMitojQ4tvAtv99pY
BM-GtQnWM3vcdorfqpKXsmfHQ4rVYPG5pKS
Use your Namecoin identity as OpenID: https://nameid.org/
BM-GtQnWM3vcdorfqpKXsmfHQ4rVYPG5pKS
Use your Namecoin identity as OpenID: https://nameid.org/