[OpenID] OAuth SPs don't have to be your OpenID OP
santrajan
santrajan at gmail.com
Sat Apr 4 16:35:48 UTC 2009
This is really a no-brainer. Somebody should really just go ahead and
implement it. Forget about waiting for anything.
Chris Messina wrote:
>
> Heh. I think it needs to be implemented first, and that will require some
> massive infrastructure and adoption before it will become useful.
> In reality, the later will require more policy and social change than
> technological effort, so I wouldn't hold your breath. But, if you're
> really
> passionate about this, that's the idea to be advocating and pointing to.
>
> Chris
>
> On Sat, Apr 4, 2009 at 12:10 PM, santrajan <santrajan at gmail.com> wrote:
>
>>
>> Cool! So it will just require some javascript I presume. How fast you
>> think
>> this can be implemented?
>>
>> Chris Messina wrote:
>> >
>> > On Sat, Apr 4, 2009 at 11:23 AM, santrajan <santrajan at gmail.com> wrote:
>> >
>> >>
>> >> Exactly! To quote from that doc.
>> >> "The suggested approach involves two new systems that we refer to as
>> the
>> >> CDS
>> >> (Central Discovery Service) & PDS (Personal Discovery Service). The
>> only
>> >> job of the CDS is to indicate the location of the user's PDS. "
>> >>
>> >> Something like this for OpenID.
>> >>
>> >
>> > Right. This was what we discussed at the OpenID Design Workshop — that
>> > such
>> > a PDS system could hint to the browser what OP the current user uses —
>> and
>> > nothing more — to enable a generic "Sign in" button for the web w/o
>> having
>> > to support the Nascar screen of logo-buttons that will surely emerge
>> with
>> > the proliferation of directed identity and OPs.
>> >
>> > Chris
>> >
>> >
>> >>
>> >>
>> >> Chris Messina wrote:
>> >> >
>> >> > On Sat, Apr 4, 2009 at 10:57 AM, santrajan <santrajan at gmail.com>
>> wrote:
>> >> >
>> >> >>
>> >> >> Yes but the consumer registration is still required right? I mean
>> it
>> >> >> wouldn't
>> >> >> work without the OAuth key?
>> >> >
>> >> >
>> >> > Auto-registration is a possibility. It's not unlike the association
>> >> that
>> >> > takes place in OpenID on the fly, to the best of my [limited]
>> >> knowledge.
>> >> >
>> >> >
>> >> >> Regarding centralized discovery I was thinking of a centralized
>> >> >> repository
>> >> >> for identities that will allow discovery and manage trust.
>> >> >>
>> >> >
>> >> > You mean like Passport or Facebook? I'm not sure I understand what
>> >> you're
>> >> > proposing. Centralization is against the model and design of the web
>> >> > (albeit, DNS is pretty much centralized discovery/resolution).
>> >> >
>> >> > Have you read about the Personal Discovery Service?
>> >> >
>> >> > http://sites.google.com/site/oauthgoog/Home/pds
>> >> >
>> >> > Chris
>> >> >
>> >> >
>> >>
>> >
>> > --
>> > Chris Messina
>> > Citizen-Participant &
>> > Open Web Advocate
>> >
>> > factoryjoe.com // diso-project.org // vidoop.com
>> > This email is: [ ] bloggable [X] ask first [ ] private
>> >
>> > _______________________________________________
>> > general mailing list
>> > general at openid.net
>> > http://openid.net/mailman/listinfo/general
>> >
>> >
>>
>> --
>> View this message in context:
>> http://www.nabble.com/OAuth-SPs-don%27t-have-to-be-your-OpenID-OP-tp22879703p22885000.html
>> Sent from the OpenID - General mailing list archive at Nabble.com.
>>
>> _______________________________________________
>> general mailing list
>> general at openid.net
>> http://openid.net/mailman/listinfo/general
>>
>
>
>
> --
> Chris Messina
> Citizen-Participant &
> Open Web Advocate
>
> factoryjoe.com // diso-project.org // vidoop.com
> This email is: [ ] bloggable [X] ask first [ ] private
>
> _______________________________________________
> general mailing list
> general at openid.net
> http://openid.net/mailman/listinfo/general
>
>
--
View this message in context: http://www.nabble.com/OAuth-SPs-don%27t-have-to-be-your-OpenID-OP-tp22879703p22885274.html
Sent from the OpenID - General mailing list archive at Nabble.com.
More information about the general
mailing list