December 7th, 2006



Amy picked up an early christmas present for us today - a big 11 litre pot! We also ordered a cheese making kit so we will be able to make cheese. And soup and chili and stuff like that, but most importantly cheese. Mmm.


I've been playing with OpenID recently and put together an OpenID identity provider as a little Python script that runs as a CGI under Apache. I wanted to really understand how the protocol works so I did this without the use of any existing OpenID libraries. It turned out to be a little finicky and the current specification leaves a bit to be desired, but with just 140 lines of code I've got a working OpenID provider.

So my OpenID is now (the use of .name here isn't specifically related to OpenID, it's just part of an url). What can I do with that? There is a growing list of OpenID enabled software where I can theoretically log in with an OpenID. This means I don't have to give every random web site a password (and have to keep thinking up new ones), I can just use my OpenID knowing that nobody else can use my identity. In practice, adoption is slow but progressing well. I hope to be able to use this on sites like Wikipedia or Trademe (New Zealand's version of ebay) in the near future.

brad did the initial development of OpenID a couple of years ago, so it's no suprise that Livejournal has some of the best support for it. There are two halves to this support: (1) Everybody who has a Livejournal account automatically has an OpenID today, so another OpenID that I could use is; (2) People who do not maintain a journal at can still log in to the site, create friends lists, other people can friend them, and so on.

OpenID is really good stuff and hopefully will soon be adopted everywhere. Like other wildly successful protocols such as SMTP, HTTP, and XMPP, nobody owns OpenID so the failure of one company or organisation won't render it useless. And, of course there's no money involved (unlike say, SSL).