Hands-on Project 8-5 : Use an OpenID Account
Screenshot of http://www.livejournal.com/openid/
I entered my identity URL(which is yojaeon.pip.verisignlabs.com) in "Your OpenID URL"
After I clicked login, i returned to the Personal Identity Provider OpenID site of Verisign Labs.
(As I did not log out, I do not have to enter Username and passwords again.)
And the URL bar of this page indicates that this is the Verisign site.
I allowed Livejournal to use "yojaeon" as my OpenID and I returned to Livejournal website.
Next I go to http://www.lifewiki.net/login
Same as what I did for Livejournal website, I entered my Identity URL.
Clicked on allow
And i was logged in to Lifewiki
Reflection:
From the last practical (Hands-on Project 8-4) I did, I created an OpenID. So for this practical, I am going to use the account. As you can see from the pictures above, I tested out with LiveJournal and Wikilife website. I simply enter my identity URL and when the website redirects me back to https://pip.verisignlabs.com/. I only have indicates I trusts these websites with my identity, https://pip.verisignlabs.com/ will send me back to the websites and I am then authenticated. Overall, it seemed very easy to use, all that required is my identiy URL. Only if OpenID is supported by more websites, I will recommend it to other users, right now there’s only around 240 websites (according to OpenID Directory) that uses OpenID. Not really worth to have an account.
Next, is the security issue. OpenID has its weakness, it depends on the URL identifier routing to the correct server, which depends on a domain name server (DNS) that has its own security weakness. In this current format, OpenID is not considered strong enough for most banking and e-commerce Web sites. Thus, I will not access my bank information with it. However, for less secure sites, I will still consider to use it.Labels: Hands-on Project, Practical07
林小颍's work ^—^V
