[OpenID] OpenID + Certs
Nic James Ferrier
nferrier at tapsellferrier.co.uk
Mon Apr 23 18:56:31 UTC 2007
Pat Cappelaere <pat at cappelaere.com> writes:
> We are starting to see more sites that serve OpenIDS and use certificates
> for client-side SSL.
> This is good news. What would even be better would be to make the user cert
> available in the sreg optional attributes for more stringent consumers.
> This would allow me to validate a user's belonging to a specific
> organization for instance if he agrees of course. This would allow certain
> sites to release more sensitive information for Humanitarian Assistance
> and/or Disaster Relief in my case.
> Could this be added easily?
I'm one of those providers.
I don't think it could be done securely.
But the "openid is ldap" trend seems to be one that we're all in broad
agreement on.
--
Nic Ferrier
http://www.tapsellferrier.co.uk
More information about the general
mailing list