[OpenID] OAuth SPs don't have to be your OpenID OP
Dave Kearns
dkearns at gmail.com
Sat Apr 4 04:48:42 UTC 2009
This is the funniest thing I've read throughout this inordinately obtuse
thread. Evidently you haven't heard about phishing, have you?
-dave
> -----Original Message-----
> From: general-bounces at openid.net [mailto:general-bounces at openid.net]On
> Behalf Of santrajan
> Sent: Friday, April 03, 2009 9:35 PM
> To: general at openid.net
> Subject: Re: [OpenID] OAuth SPs don't have to be your OpenID OP
>
>
>
> The problem is that we are not considering one aspect of the
> internet we have
> seen over the years. The internet has an uncanny ability to sort out trust
> issues on it own. Users learn which RP's to trust. Rp's learn
> which OP's to
> trust. Maybe we should factor this into the thinking and move on
> instead of
> getting bogged down by trust issues.
>
>
> Andrew Arnott wrote:
> >
> >>
> >> Why should OpenID support OAuth at all? OpenID can stand on
> its own. All
> >> OpenID needs to do is address the concerns of RP's and users.
> >
> >
> > Why? Because in your own words "OpenID needs to ... address
> the concerns
> > of
> > RPs and users". OAuth protects users, and aids RPs. Yes, OpenID and
> > OAuth
> > can and do stand on their own. But if they are to be used together, it
> > can
> > be confusing and cumbersome to users unless we work to streamline the
> > process.
> >
> > Pure and simple.
> >
> > _______________________________________________
> > general mailing list
> > general at openid.net
> > http://openid.net/mailman/listinfo/general
> >
> >
>
> --
> View this message in context:
> http://www.nabble.com/OAuth-SPs-don%27t-have-to-be-your-OpenID-OP-
tp22879703p22879987.html
Sent from the OpenID - General mailing list archive at Nabble.com.
_______________________________________________
general mailing list
general at openid.net
http://openid.net/mailman/listinfo/general
More information about the general
mailing list