[OpenID] Laws of id, openid with ssl
Peter Williams
pwilliams at rapattoni.com
Sun Jan 27 17:15:49 UTC 2008
"Error: That Information Card is not valid for http://homepw.myopenid.com/ <http://homepw.myopenid.com/> "
Tried to get a wordpress openid RP to access myopenid provider, to which I attempted to sign in using "my" infocard.
What is the policy on "validity" for "my" infocard on "my" profile @myopenid? Does the infocard's email address, for example, have to match the site's "registered" email address?
Do I get to set any such rules, or is it an "enterprise" policy imposed on me ?
If the openid request from wordpress asks for attributes by sreg or AX, do they come from the last infocard claimset presented, or the registered profile values in the openid account?
Presumably, myopenid's names of profiled user attributes have a mapping now to the std cliams used in MSFT's cardspace cliamset, much as they have a mapping onto sreg names. Can these mapping be published?
I note that (interestingly) "CardSpace in .NET Framework 3.5 understands the WS-SX standards". http://blogs.msdn.com/card/ <http://blogs.msdn.com/card/> . Presumably the days in which PPID are calculated from the values of the SSL cert chain (or various fields in the EV cert in an https session) are coming to an end.
More information about the general
mailing list