[OpenID] OAuth SPs don't have to be your OpenID OP

Nate Klingenstein ndk at internet2.edu
Sat Apr 4 07:44:01 UTC 2009

Johannes & Nat,

Shibboleth has been using this architectural separation for many,  
many years and it's proven flexible and useful.  Authentication  
providers are rarely found separate from attribute providers, and the  
discovery service is more frequently associated with the service  
provider than anyone else, but it's a very clean model.

Run with it,

On 04 Apr 2009, at 06:00, Johannes Ernst wrote:

> But architecturally spot on. At least I think so ;-)
> On Apr 3, 2009, at 22:58, Nat wrote:
>> Right. And I think we are approaching a time that we should stop  
>> thinking of an OP but Discovery provider, Authentication Provider,  
>> and Attribute Provider.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-general/attachments/20090404/380c37bd/attachment-0002.htm>

More information about the general mailing list