DISQUS

Returning?

Login

Website
http://carlo.zottmann.org/
Original page
http://carlo.zottmann.org/2007/01/22/social-whitelisting-with-openid-my-take/
Subscribe
All Comments
Community
Top Commenters
- Vicki
  1 comment · 1 points
- Hendrik Mans
  3 comments · 2 points
- Daniel Ha
  2 comments · 405 points
- kentbrew
  4 comments · 2 points
- Mark Douglass
  3 comments · 2 points
Popular Threads

carlo.comments: carlo.log → Social whitelisting with OpenID, my take

Mike West · 2 years ago

It absolutely makes sense to me that if whitelists should be automatically collected and parsed, they should be autodiscoverable. Having a distinct URL would solve that problem, but I think the solution would be fairly inflexible in a number of ways (not least of which, linguistically: what's "whitelist" auf deutsch?).

You're already adding the `openid.delegation` and `openid.server` lines to your site every time you change the theme, right? Pasting in another line specifying the `openid.whitelist` doesn't sound like much additional effort. This could even be abstracted from your site's HTML using YARDIS, meaning you wouldn't have to change any template code at all; great, right?
http://simonwillison.net/ · 2 years ago

I definitely prefer having a link attribute on the homepage rather than using a default URL location. Joe Gregorio makes an excellent argument as to why robots.txt and the like are a bad idea: http://bitworking.org/news/No_Fishing

Really like the idea of linking to some form of whitelist from the page that represents an OpenID itself though.
wioota · 2 years ago

Auto-discovery is the way to go. Not everyone has complete control on where they can place files or what the URI will be.