[OpenID] OAuth SPs don't have to be your OpenID OP

santrajan santrajan at gmail.com
Sat Apr 4 16:10:25 UTC 2009


Cool! So it will just require some javascript I presume. How fast you think
this can be implemented?

Chris Messina wrote:
> 
> On Sat, Apr 4, 2009 at 11:23 AM, santrajan <santrajan at gmail.com> wrote:
> 
>>
>> Exactly! To quote from that doc.
>> "The suggested approach involves two new systems that we refer to as the
>> CDS
>> (Central Discovery Service) & PDS (Personal Discovery Service).  The only
>> job of the CDS is to indicate the location of the user's PDS. "
>>
>> Something like this for OpenID.
>>
> 
> Right. This was what we discussed at the OpenID Design Workshop — that
> such
> a PDS system could hint to the browser what OP the current user uses — and
> nothing more — to enable a generic "Sign in" button for the web w/o having
> to support the Nascar screen of logo-buttons that will surely emerge with
> the proliferation of directed identity and OPs.
> 
> Chris
> 
> 
>>
>>
>> Chris Messina wrote:
>> >
>> > On Sat, Apr 4, 2009 at 10:57 AM, santrajan <santrajan at gmail.com> wrote:
>> >
>> >>
>> >> Yes but the consumer registration is still required right? I mean it
>> >> wouldn't
>> >> work without the OAuth key?
>> >
>> >
>> > Auto-registration is a possibility. It's not unlike the association
>> that
>> > takes place in OpenID on the fly, to the best of my [limited]
>> knowledge.
>> >
>> >
>> >> Regarding centralized discovery I was thinking of a centralized
>> >> repository
>> >> for identities that will allow discovery and manage trust.
>> >>
>> >
>> > You mean like Passport or Facebook? I'm not sure I understand what
>> you're
>> > proposing. Centralization is against the model and design of the web
>> > (albeit, DNS is pretty much centralized discovery/resolution).
>> >
>> > Have you read about the Personal Discovery Service?
>> >
>> > http://sites.google.com/site/oauthgoog/Home/pds
>> >
>> > Chris
>> >
>> >
>>
> 
> -- 
> Chris Messina
> Citizen-Participant &
>  Open Web Advocate
> 
> factoryjoe.com // diso-project.org // vidoop.com
> This email is:   [ ] bloggable    [X] ask first   [ ] private
> 
> _______________________________________________
> general mailing list
> general at openid.net
> http://openid.net/mailman/listinfo/general
> 
> 

-- 
View this message in context: http://www.nabble.com/OAuth-SPs-don%27t-have-to-be-your-OpenID-OP-tp22879703p22885000.html
Sent from the OpenID - General mailing list archive at Nabble.com.




More information about the general mailing list