[OpenID] OAuth SPs don't have to be your OpenID OP

santrajan santrajan at gmail.com
Sat Apr 4 16:35:48 UTC 2009


This is really a no-brainer. Somebody should really just go ahead and
implement it. Forget about waiting for anything.


Chris Messina wrote:
> 
> Heh. I think it needs to be implemented first, and that will require some
> massive infrastructure and adoption before it will become useful.
> In reality, the later will require more policy and social change than
> technological effort, so I wouldn't hold your breath. But, if you're
> really
> passionate about this, that's the idea to be advocating and pointing to.
> 
> Chris
> 
> On Sat, Apr 4, 2009 at 12:10 PM, santrajan <santrajan at gmail.com> wrote:
> 
>>
>> Cool! So it will just require some javascript I presume. How fast you
>> think
>> this can be implemented?
>>
>> Chris Messina wrote:
>> >
>> > On Sat, Apr 4, 2009 at 11:23 AM, santrajan <santrajan at gmail.com> wrote:
>> >
>> >>
>> >> Exactly! To quote from that doc.
>> >> "The suggested approach involves two new systems that we refer to as
>> the
>> >> CDS
>> >> (Central Discovery Service) & PDS (Personal Discovery Service).  The
>> only
>> >> job of the CDS is to indicate the location of the user's PDS. "
>> >>
>> >> Something like this for OpenID.
>> >>
>> >
>> > Right. This was what we discussed at the OpenID Design Workshop — that
>> > such
>> > a PDS system could hint to the browser what OP the current user uses —
>> and
>> > nothing more — to enable a generic "Sign in" button for the web w/o
>> having
>> > to support the Nascar screen of logo-buttons that will surely emerge
>> with
>> > the proliferation of directed identity and OPs.
>> >
>> > Chris
>> >
>> >
>> >>
>> >>
>> >> Chris Messina wrote:
>> >> >
>> >> > On Sat, Apr 4, 2009 at 10:57 AM, santrajan <santrajan at gmail.com>
>> wrote:
>> >> >
>> >> >>
>> >> >> Yes but the consumer registration is still required right? I mean
>> it
>> >> >> wouldn't
>> >> >> work without the OAuth key?
>> >> >
>> >> >
>> >> > Auto-registration is a possibility. It's not unlike the association
>> >> that
>> >> > takes place in OpenID on the fly, to the best of my [limited]
>> >> knowledge.
>> >> >
>> >> >
>> >> >> Regarding centralized discovery I was thinking of a centralized
>> >> >> repository
>> >> >> for identities that will allow discovery and manage trust.
>> >> >>
>> >> >
>> >> > You mean like Passport or Facebook? I'm not sure I understand what
>> >> you're
>> >> > proposing. Centralization is against the model and design of the web
>> >> > (albeit, DNS is pretty much centralized discovery/resolution).
>> >> >
>> >> > Have you read about the Personal Discovery Service?
>> >> >
>> >> > http://sites.google.com/site/oauthgoog/Home/pds
>> >> >
>> >> > Chris
>> >> >
>> >> >
>> >>
>> >
>> > --
>> > Chris Messina
>> > Citizen-Participant &
>> >  Open Web Advocate
>> >
>> > factoryjoe.com // diso-project.org // vidoop.com
>> > This email is:   [ ] bloggable    [X] ask first   [ ] private
>> >
>> > _______________________________________________
>> > general mailing list
>> > general at openid.net
>> > http://openid.net/mailman/listinfo/general
>> >
>> >
>>
>> --
>> View this message in context:
>> http://www.nabble.com/OAuth-SPs-don%27t-have-to-be-your-OpenID-OP-tp22879703p22885000.html
>> Sent from the OpenID - General mailing list archive at Nabble.com.
>>
>> _______________________________________________
>> general mailing list
>> general at openid.net
>> http://openid.net/mailman/listinfo/general
>>
> 
> 
> 
> -- 
> Chris Messina
> Citizen-Participant &
>  Open Web Advocate
> 
> factoryjoe.com // diso-project.org // vidoop.com
> This email is:   [ ] bloggable    [X] ask first   [ ] private
> 
> _______________________________________________
> general mailing list
> general at openid.net
> http://openid.net/mailman/listinfo/general
> 
> 

-- 
View this message in context: http://www.nabble.com/OAuth-SPs-don%27t-have-to-be-your-OpenID-OP-tp22879703p22885274.html
Sent from the OpenID - General mailing list archive at Nabble.com.




More information about the general mailing list