[OpenID] Live Icons for visual recognition of IDP logos
pwilliams at rapattoni.com
Fri Apr 3 04:47:58 UTC 2009
Obviously to do this I must maintain a mapping of OpenID identities
to local user accounts; and this is a many to one mapping. This means
that the OpenID identity is NOT my user account identity; but instead that
the OpenID identity REFERENCES my user account identity. A
subtle but important distinction.
[Peter Williams] Other websso schemes call the latter session translation. Its main and not-particularly subtle benefit is it allows loose coupling of the identity management systems of 2 or more peers: 1 at OP, another at RP#1, another at an affiliate of RP#1. This contrasts with the tightly coupled vision, which I know some folks consider "true" openid. In that view of the world, any RP that retains a local login or an RP-centric affiliate network is not a "true & faithful" openid participant.
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the general