During my last few lunch hours at work, I have been using the DotNetOpenAuth library to build myself an OpenID provider. Today, with some luck, I got StackOverflow to recognise my provider and allow me to sign-in using it!
This is an important step toward the first version of my UShadow project.
I want to connect my OpenID provider directly with my iPhone using an app. I want to try and find a way to make OpenID easier to use for the common user by completely eliminating the need for usernames and passwords and instead focussing on the use of a simple PIN number in combination with an iPhone.
The key to this, I believe, lies in QR Codes.
Registration will be as easy as downloading the app and snapping a QR code presented on a registration page. The Provider and App will then negotiate between themselves and the App will send a public key to the Provider. The provider will then use this to verify and trust the iPhone app.
When a user wishes to sign-in to an application or site, they will just need to scan another QR code and confirm using a PIN codes. The App will signal that authentication has been completed and will send the OpenID token to the provider which will then forward it to the requesting site.
That’s my theory anyway
By just using an iPhone device and the a pin, it will hopefully make OpenID far more attractive to the average, non-technical user.
I’ll be blogging a little more about this idea in the coming months as I finish off the MVP. If you’re interested in helping me test UShadow, please shoot me an email at email@example.com