2007-07-04
What OpenID is (and is not)
Put simply, OpenID lets you prove that you are associated with a URL. More specifically, it is a protocol for letting your website ask the remote URL if some visitor is associated with it.
This neatly points to the issue with putting too much weight on someone just having an OpenID: you have no idea how the remote URL makes that decision. It is perfectly possible to create an OpenID server that always says 'yes, that person is associated with me' when asked, and in fact it's been done.
This means that an OpenID in general is only a weak identity; anyone can have one or many and a given identity may have any number of people using it, much like a website login posted to bugmenot.
(This is ultimately why LiveJournal considers 'people with an OpenID' to be in the same class as entirely anonymous users, because they are. Someone with an OpenID has just gone to slightly more work than the completely anonymous people.)
If you want stronger identity information about people, you need to restrict what sorts of OpenID remote URLs you accept, because then you can know more about the policies those URLs use. The ultimate case of this is using known OpenIDs to identify specific people instead of forcing them to get a new identity on your site.
(As has been noted by Simon Willison, you may still want to ask people to register, but OpenID can save them from having to make up a new account name and password for you.)
Problems with EXA X acceleration on ATI cards in Fedora Core 6
As I understand it, a modern X server and its graphics card drivers has two choices for low-level hardware acceleration methods: the older XAA and the more recent EXA. EXA's big goal is to support the sort of fancy composition and graphics that modern desktops and programs want to use; in particular, if it works it speeds up Firefox's page scrolling for web pages with complex graphical backgrounds.
(If your card's driver supports it, you switch the X server to using EXA
through an xorg.conf change. I am not going to try to summarize the
details here; see the manpage for your card driver, such as radeon(4),
and the xorg.conf manpage. XAA is the default acceleration method.)
When I read about this I was running into some web pages that Firefox was scrolling slowly, so I promptly leapt to try it out. However, I ran into some problems on my ATI-using machines:
- on my dual-head setup at work with both an ATI X300 and an ATI X750,
solid window moves promptly got achingly slow. This is apparently
a known issue with some EXA configurations, but in any case it meant
that I turned off EXA at work.
- more seriously, I started to have erratic total system lockups
on my home system (identical to my work machine except that it has an
ATI X800GTO in a single-headed configuration). They seemed to be
most often provoked by watching YouTube Flash videos, although I
believe some happened just from using
xineand perhaps other Xv-using applications.(I am not completely sure EXA is at the root of these lockups, but I haven't had any in a week since I reverted to XAA, and EXA is said to be 'possibly unstable'.)
Unfortunately, this may well matter in the future because of Cairo. Cairo is is more or less Gnome's 2D graphics library (it used to draw SVG graphics in Firefox, for example). Cairo makes heavy use of the XRender extension and thus assumes it will be reasonably fast, but the XRender extension is exactly what EXA is designed to speed up. No EXA means no fast XRender which means Cairo-based programs are probably going to perform relatively badly.
For now I have my fingers crossed that Fedora 7 has an updated ATI driver and X server that fix these issues, although I am not sure that I will have the courage to try it out immediately. (Having my home machine lock up erratically was really, really irritating.)
(Just to be clear, I using the open-source radeon driver, not ATI's binary fglrx driver.)