[OpenID] OAuth SPs don't have to be your OpenID OP
ndk at internet2.edu
Sat Apr 4 07:44:01 UTC 2009
Johannes & Nat,
Shibboleth has been using this architectural separation for many,
many years and it's proven flexible and useful. Authentication
providers are rarely found separate from attribute providers, and the
discovery service is more frequently associated with the service
provider than anyone else, but it's a very clean model.
Run with it,
On 04 Apr 2009, at 06:00, Johannes Ernst wrote:
> But architecturally spot on. At least I think so ;-)
> On Apr 3, 2009, at 22:58, Nat wrote:
>> Right. And I think we are approaching a time that we should stop
>> thinking of an OP but Discovery provider, Authentication Provider,
>> and Attribute Provider.
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the general