Now that OpenID is finally picking up I keep seeing people use lame URLs like http://username.myopenid.com/ to authenticate. This sucks because:
- You are a unique snowflake!
- It ties your identity to your OpenID provider.
- It's only as permanent as your chosen provider (or your patience for it). You can't switch providers while keeping your existing ID.
Furthermore, this profile page usually just contains a single link forwarding to a user's homepage.
So instead of settling for an ugly URI, just use your existing homepage. There's no need to do any complicated set up or install OpenID software, because OpenID supports delegation natively.
Open up your OpenID provider's profile page and copy the OpenID related link and meta tags. On my myopenid page it looks like this:
<meta http-equiv="x-xrds-location" content="http://nothingmuch.myopenid.com/?xrds=1" /> <link rel="openid.server" href="http://www.myopenid.com/server" /> <link rel="openid2.provider" href="http://www.myopenid.com/server" />
Paste that into your homepage, and add the following:
<link rel="openid.delegate" href="http://nothingmuch.myopenid.com/" /> <link rel="openid2.local_id" href="http://nothingmuch.myopenid.com/" />
Obviously the href of the delegate link should point to your own OpenID provider's profile page.
This lets me use a URL that is truly my own, http://nothingmuch.woobling.org/, as a fully functioning OpenID. I didn't have have to install or configure anything. This also allows me freely switch providers while retaining my chosen identity, all OpenID authentication really needs to prove for authentication is that the user entering the URL is also in control of the URL, making providers swappable.
Setting up proper Yadis/XRDS discovery headers is left as an excercise for the user. I was lazy and only used a meta tag ;-)