Technical Terms

Unfortunately, every technology has its technical terms, and they are often unintelligible and confusing to people who are new to it. If you have already read the provider comparison, you may have stumbled upon some of these terms. Below we try to provide a short explanation of each.

Attribute Exchange (AX)

Attribute Exchange is an extension for exchanging profile information between Identity Providers and Relying Parties. It is more flexible than SREG and offers more fields for exchange, though it only works with OpenID 2.0.
Please refer to the Attribute Exchange Schema website for more information.

Consumer / Relying Party (RP)

Relying Parties are websites that accept OpenIDs for login.
Both terms mean the same thing.

Delegation

This is a nifty feature of OpenID you should consider using. You can use the URI of your own website (e.g. http://yourblog.com) as an OpenID. All you need to do is add some HTML to the <head> section of your website. It should look like this:


Of course, openidserver and yourname have to be changed accordingly. Now you can easily switch to another provider without changing your OpenID.
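The delegation markup described above, together with the check a Relying Party or site owner can run over it, as an added example that is not part of the original page. The link relations are the standard OpenID 1.1 (openid.server, openid.delegate) and OpenID 2.0 (openid2.provider, openid2.local_id) ones; the sample page, the endpoint paths and the function names are constructed for illustration.

```python
from html.parser import HTMLParser
from urllib.parse import urlparse

# Constructed sample page; "openidserver" and "yourname" are placeholders.
SAMPLE_PAGE = """<html><head>
<link rel="openid.server" href="https://openidserver/server" />
<link rel="openid.delegate" href="https://yourname.openidserver/" />
<link rel="openid2.provider" href="https://openidserver/server" />
<link rel="openid2.local_id" href="https://yourname.openidserver/" />
</head><body>
<link rel="openid.server" href="http://other.example/server">
</body></html>"""

DELEGATION_RELS = {"openid.server", "openid.delegate",
                   "openid2.provider", "openid2.local_id"}


class DelegationParser(HTMLParser):
    """Collects OpenID delegation <link> tags, honouring only those in <head>."""

    def __init__(self):
        super().__init__()
        self.in_head = False
        self.links = {}

    def handle_starttag(self, tag, attrs):
        if tag == "head":
            self.in_head = True
        elif tag == "link" and self.in_head:
            attr = dict(attrs)
            # rel may carry several space-separated values
            for rel in (attr.get("rel") or "").lower().split():
                if rel in DELEGATION_RELS and attr.get("href"):
                    self.links.setdefault(rel, attr["href"])

    def handle_endtag(self, tag):
        if tag == "head":
            self.in_head = False


def find_delegation(html):
    parser = DelegationParser()
    parser.feed(html)
    return parser.links


def non_https(links):
    """Delegation targets fetched without TLS can be altered in transit."""
    return sorted(rel for rel, href in links.items()
                  if urlparse(href).scheme != "https")
```

The link tag placed in the body of the sample page is ignored, because only markup in the head section counts for delegation.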

Directed Identity

If the OpenID provider supports it, users don’t have to provide their usual OpenID to relying parties, e.g. username.openidprovider.com, but just openidprovider.com. This feature came with OpenID 2.0.

ID Selector

This is a widget by JanRain which helps users select their OpenID provider at relying parties (see our blog post about it). Currently the following providers are supported by ID Selector:

  • AOL
  • Blogger
  • Bloglines
  • ClaimID
  • Clickpass
  • Flickr
  • IDTail
  • LiveJournal
  • myID
  • myOpenID
  • myVidoop
  • OpenID by Card
  • Orange.fr
  • SmugMug
  • StartSSL
  • Technorati
  • VeriSign PIP
  • Vox
  • WordPress.com
  • Xlogon
  • Yahoo!

OpenID Provider (OP) / Identity Provider (IdP)

Of course, you will get an OpenID from the provider. Relying Parties ask Identity Providers to assert that you really control an OpenID.
OP and IdP mean the same.

Provider Authentication Policy Extension (PAPE)

This extension (it can be used with OpenID 1.1 and 2.0) allows Relying Parties to request that certain authentication policies are used by OpenID Providers when authenticating users. So it is possible that a Relying Party only lets users log in with an OpenID if they have been authenticated by multi-factor authentication (e.g. by a password and a certificate).
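How a Relying Party can enforce such a policy on the response it gets back, as an added example that is not part of the original page. It covers OpenID 2.0 style responses and assumes the signature on the assertion has already been verified by the OpenID library; the sample response and the function names are constructed for illustration.

```python
from datetime import datetime, timezone

PAPE_NS = "http://specs.openid.net/extensions/pape/1.0"
MULTI_FACTOR = "http://schemas.openid.net/pape/policies/2007/06/multi-factor"

# Constructed OpenID 2.0 positive assertion (only the fields used here).
SAMPLE_RESPONSE = {
    "openid.ns.pape": PAPE_NS,
    "openid.pape.auth_policies": MULTI_FACTOR,
    "openid.pape.auth_time": "2009-01-01T12:00:00Z",
    "openid.signed": "claimed_id,identity,return_to,response_nonce,"
                     "ns.pape,pape.auth_policies,pape.auth_time",
}


def pape_alias(resp):
    """Return the alias bound to the PAPE namespace (it need not be 'pape')."""
    for key, value in resp.items():
        if key.startswith("openid.ns.") and value == PAPE_NS:
            return key[len("openid.ns."):]
    return None


def pape_satisfied(resp, required_policy, max_auth_age, now):
    """True only if the signed response asserts the policy and a recent login."""
    alias = pape_alias(resp)
    if alias is None:
        return False
    signed = set(resp.get("openid.signed", "").split(","))
    needed = {f"ns.{alias}", f"{alias}.auth_policies", f"{alias}.auth_time"}
    if not needed <= signed:
        return False  # PAPE fields outside the signature prove nothing
    policies = resp.get(f"openid.{alias}.auth_policies", "").split()
    if required_policy not in policies:
        return False
    try:
        auth_time = datetime.strptime(
            resp[f"openid.{alias}.auth_time"], "%Y-%m-%dT%H:%M:%SZ"
        ).replace(tzinfo=timezone.utc)
    except (KeyError, ValueError):
        return False
    age = (now - auth_time).total_seconds()
    return 0 <= age <= max_auth_age
```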

SeatBelt

SeatBelt is a Firefox add-on by VeriSign. The add-on supports users when signing in to Relying Parties. It automatically detects login screens and also helps detect phishing websites.
SeatBelt is supported by VeriSign PIP, MyOpenID, MyXlogon, AOL, SignOn.com, and OpenID.ee.

Simple Registration Extension (SREG)

SREG is an extension to the OpenID protocol. Relying Parties can ask OpenID Providers to pass some profile data without user interaction.
This data can be exchanged:

  • Nickname
  • Email address
  • Full name
  • Date of birth
  • Gender
  • Postcode
  • Country
  • Language
  • Timezone

The following terms are not really OpenID specific but are mentioned on the OpenID Provider comparison page.

Atom

Like RSS, Atom is a syndication format for publishing content. The differences between the two formats are explained on Sam Ruby’s wiki.

FOAF

This simply means Friend of a Friend. It describes people and their relations to other people. Social networks can be described as well.

Man-In-The-Middle Attack

Scammers try to intercept communication between two people or websites; if they succeed, they are able to read and alter messages sent between both parties.

Microformats

Microformats are open formats to mark up certain information in a semantic fashion. Browsers and web applications are able to parse that information and export it.
Some microformats mentioned on Spread OpenID are:

  • hCard: It is based on the vCard standard and marks up contact details.
  • XFN: XFN is an abbreviation for XHTML Friends Network and describes relations between people.
  • xFolk: Collections of bookmarks marked up with xFolk can be easily shared and published.

MicroID

A MicroID is a hash consisting of a hashed communication or identity URI (usually an email address, but it can be an OpenID as well) and a URL a user is claiming. This hash can be verified by services like ClaimID. Users either add the hash to the header section of their website, or services (e.g. Last.fm) add it automatically to profile pages.
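How such a hash is computed and checked, as an added example that is not part of the original page. It follows the published MicroID draft, in which the SHA-1 hex digests of the two URIs are concatenated and hashed again, and the result is prefixed with the URI schemes and the algorithm name; the function names and sample addresses are constructed for illustration.

```python
import hashlib


def sha1_hex(text):
    return hashlib.sha1(text.encode("utf-8")).hexdigest()


def microid(identity_uri, claimed_url):
    """sha1( sha1(identity URI) + sha1(claimed URL) ), hex digests concatenated."""
    digest = sha1_hex(sha1_hex(identity_uri) + sha1_hex(claimed_url))
    schemes = identity_uri.split(":", 1)[0] + "+" + claimed_url.split(":", 1)[0]
    return f"{schemes.lower()}:sha1:{digest}"


def verify_microid(published, identity_uri, claimed_url):
    """Recompute the MicroID and compare it with the value found on the page."""
    expected = microid(identity_uri, claimed_url)
    published = published.strip().lower()
    if ":" not in published:
        # Legacy form: the bare 40-character hex digest without a prefix.
        return published == expected.rsplit(":", 1)[1]
    return published == expected


if __name__ == "__main__":
    # Constructed sample identity and claimed URL.
    value = microid("mailto:user@example.com", "http://example.com/")
    print(value)
    print(verify_microid(value, "mailto:user@example.com", "http://example.com/"))
```

A verifier has to read the published value from the claimed page itself, since the hash can be computed by anyone who knows both URIs.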

OAuth

OAuth is a fairly new protocol which allows API authentication between two (web) applications. Some applications let you invite your friends by importing an address book, e.g. from Gmail. It is not a good idea to give your Gmail password to such an application, though; OAuth lets you import your Gmail address book without providing your login credentials to that application.

Pavatar

This is a Personal Avatar, a personal image which represents a user. It is hosted on the user’s own website and is used for comments on weblogs for example.

RSS

Another acronym which means Really Simple Syndication. It is a format to publish content.

SSL

This is an acronym for Secure Sockets Layer. It (and its successor Transport Layer Security) is a cryptographic protocol securing data transfers on the internet.

Windows CardSpace / Information Cards

Windows CardSpace is an identity system developed by Microsoft. It is shipped with Windows Vista but also works on Windows XP SP2 with .NET Framework 3.0 or a later version installed. Users can have several Information Cards which identify them. Information Cards are stored on the user’s computer.
For more information on Windows CardSpace check out this introduction and Kim Cameron’s (developer at Microsoft) weblog.