Tantek Celik and Aaron Parecki (IndieWeb)


IndieAuth is a way to use your own domain name to sign in to websites. As Internet citizens, we should not be relying on Twitter or Facebook to provide our online identities, we should be able to use our own domain names to log in to sites everywhere. IndieAuth was built to make it as easy as possible for users and for developers to start using this new way of signing in on the web, without the complexities of OpenID.

For end users, it's easier to implement than OpenID and supports multiple authentication schemes for redundancy and fallback. For service providers, it provides an API on top of implementing OAuth as described by the RelMeAuth protocol.

IndieAuth works by linking your website to one or more authentication providers such as Twitter or Google, then entering your domain name in the login form on websites that support IndieAuth. In this case, authentication providers like Twitter or Google, or even Persona, are not treated as the user's identity, but used only for authentication.

Here is a screenshot showing the login choices given to the user after the first step of entering their domain.

IndieAuth takes this one step further, and after the initial setup, gives users a way to configure Time-based One-time Password logins, using Google Authenticator or a similar app. This eliminates the dependency on other services and is a more secure way to log in on shared computers as well.

Distributed Commenting

This would be a demo of using my site to comment on other peoples' posts on their sites. Given a post by Barnaby I can write a post on my site as a reply notifying him about it, where he then pulls in the content and displays it as a comment. Of course, both our posts were syndicated to Twitter and the thread is linked up properly there as well.

Using a similar mechanism, we can introduce as a topic-centric aggregator of posts and replies. Here is an example of a thread that was started on, syndicated to IndieNews, and had two follow-up comments.