[jamestomasino]

Well, crap. Anyone else have a good endpoint I can redirect to? I don't want one of my social networks to be the king of my identity. I want to own that with my master domain.

[Sidnicious]

I delegate to Symantec’s (previously Verisign’s) OpenID service:

https://pip.verisignlabs.com/

…it's been pretty solid for me and supports two-factor auth. The <head> of my OpenID endpoint looks like this:

  <link rel="openid.server" href="http://pip.verisignlabs.com/server">
  <link rel="openid.delegate" href="http://[me].pip.verisignlabs.com">
  <link rel="openid2.provider" href="http://pip.verisignlabs.com/server">
  <link rel="openid2.local_id" href="http://[me].pip.verisignlabs.com">
  <meta http-equiv="X-XRDS-Location" content="http://pip.verisignlabs.com/user/[me]/yadisxrds">

[icebraining]

Does it support CNAMEing? I really like that I can add a DNS record on some subdomain of my personal domain and have it just work, without even a web server.

[jamestomasino]

Fantastic! I'm implementing that now. Thanks.