[Catalog-sig] OpenID login to PyPI

"Martin v. Löwis" martin at v.loewis.de
Mon Nov 16 21:37:34 CET 2009

>> This I don't understand. You'll be identified by myopenid.com as
>> ubernostrum.myopenid.com *anyway*, even if you first enter something
>> else. So why can't you just go ahead and associate
>> ubernostrum.myopenid.com with your PyPI account, and then use that
>> to login?
> My OpenID is "www.b-list.org". "ubernostrum.myopenid.com" is simply a
> local name my provider uses to refer to me, and may change in the
> future if I change providers. I'd like PyPI to let me use my *real*
> OpenID, and not force me to use something tied to a particular
> provider; this is kinda the whole point of OpenID delegation.

That's right: you can't use the delegation feature of PyPI right
now. But you could certainly use your OpenID with PyPI, as myopenid.com
is one of the accepted providers. I can understand that you may
not *want* to use that - but it would be certainly possible and
easy for you to do so.

Even if PyPI would support entering "www.b-list.org", it would
still notice and remember that you are "ubernostrum.myopenid.com",
because it's part of the protocol that it does.

I don't know what the point of OpenID delegation is; to me, it
appears as a work-around to not have people remember long and
complicated IDs, but rather have them type something they can
remember. With PyPI, you don't have to remember your ID at all -
it never ever becomes relevant for anything.


More information about the Catalog-SIG mailing list