Posted by: h4ck@lyst | May 25, 2008

OpenID attribute exchange and my soc

People around have been asking me what is soc and what am I doing? Have been telling it all over again and again and so I think I can also blog about it.

Well SoC is Google summer of code, an open source initiative by Google. Leslie Hawthorn manages the project for google. Google basically sponsors various opensource projects. First it invites applications from varios opensource projects to be a mentoring org of the soc. After the orgs have been finalised, begins the students application period. The students have to send in a project proposal of their choice to an org of their preference. This year a student could send in 20 applications. It could be many apps to one org or diff apps to diff orgs. After the closing of student application, the mentoring org decides which all apps to select based upon the usability of a particular app fot the org. Theres a voting and ranking system which helps them choose the best apps. There is no hard and fixed rule for selection though. Your app should be the best and useful. Thats it. And if you are selected, you work upon the project you proposed and get paid by google for it. (USD $4500) and also get a nice spot on your cv 🙂

My soc proposal is openid attribute exchange implementation. In simplest words, with openid, you just put in your username and password at just one site and then login at openid enabled/supporting sites with your openid withouh using any passwords. One question that I always get at this part of the explanatiion is “Oh, just like gmail and orkut? You need to sign in just once?” The answer, my dear friends, is a humble no. Orkut and gmail are all a part of the same domain. So they can use for cookies for authentication. See to it in this way. You need to login to your gmail, hotmail and yahoomail. Now you ll put three different usernames and passwords. Now yahoo is already a openid provider, i.e, your yahoo account can be used as openID. Now assuming both gmail and hotmail supported openid, then you login to just your identity provider with your username and password and then login to the rest of the openid enabled sites with your openID(say

Now the relying party, i.e the site to which you logged in using your openid will contact your identitty provider and the two of them will confirm that you are an authenticated user. Ofcourse your identity provider will ask you if you want to confirm your authentication to the relying party.

Ok so that was the authentication part. Now the same openid can be used for new user registration also. That means instead of filling in huge registration forms on website, you fill in just one field and voila you are registered. The relying party gets the rest of your details from your identity provider. Of course the identity provider confirms with you before sending any data to the relying party. The relying party can also store some data you gave it with your identity provider, again with your permission. Now all this profile information exchange is done through attribute exchange which is an extension for the openid. I ve to implement this attribute exchange with drupal. 🙂


Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s


%d bloggers like this: