[OpenID] What does Sxipper do?
bob at wyman.us
Tue Jan 23 19:30:02 UTC 2007
On 1/23/07, Josh Hoyt <josh at janrain.com> wrote:
> On 1/23/07, Bob Wyman <bob at wyman.us> wrote
>> BTW: OpenID provides a means for OP and RP to establish a secure
>> association. Why doesn't it do the same for OP and Client?
> There is nothing in the protocol that prevents any software from
> making associations with the OP using the same mechanism
> that RPs use.
I realize that the client could COULD make associations with the OP, what
I'm not sure about is why the process is explicitly discussed and mapped out
for RPs but not for client software... Why would it be "out of scope" for
OpenID to document client software's use of associations in the same way
that it currently documents RP's use of associations? Why does OpenID treat
the security concerns of client software so much differently from the way it
treats the security concerns of RPs?
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the general