[OpenID] OAuth SPs don't have to be your OpenID OP

Chris Messina chris.messina at gmail.com
Sat Apr 4 16:58:42 UTC 2009


Heh. Go for it!
Of course, you might find some resistance from various international bodies
unless you're adept at balancing the politics of centralized systems against
the desire for national sovereignty.

Chris

On Sat, Apr 4, 2009 at 12:35 PM, santrajan <santrajan at gmail.com> wrote:

>
> This is really a no-brainer. Somebody should really just go ahead and
> implement it. Forget about waiting for anything.
>
>
> Chris Messina wrote:
> >
> > Heh. I think it needs to be implemented first, and that will require some
> > massive infrastructure and adoption before it will become useful.
> > In reality, the later will require more policy and social change than
> > technological effort, so I wouldn't hold your breath. But, if you're
> > really
> > passionate about this, that's the idea to be advocating and pointing to.
> >
> > Chris
> >
> > On Sat, Apr 4, 2009 at 12:10 PM, santrajan <santrajan at gmail.com> wrote:
> >
> >>
> >> Cool! So it will just require some javascript I presume. How fast you
> >> think
> >> this can be implemented?
> >>
> >> Chris Messina wrote:
> >> >
> >> > On Sat, Apr 4, 2009 at 11:23 AM, santrajan <santrajan at gmail.com>
> wrote:
> >> >
> >> >>
> >> >> Exactly! To quote from that doc.
> >> >> "The suggested approach involves two new systems that we refer to as
> >> the
> >> >> CDS
> >> >> (Central Discovery Service) & PDS (Personal Discovery Service).  The
> >> only
> >> >> job of the CDS is to indicate the location of the user's PDS. "
> >> >>
> >> >> Something like this for OpenID.
> >> >>
> >> >
> >> > Right. This was what we discussed at the OpenID Design Workshop — that
> >> > such
> >> > a PDS system could hint to the browser what OP the current user uses —
> >> and
> >> > nothing more — to enable a generic "Sign in" button for the web w/o
> >> having
> >> > to support the Nascar screen of logo-buttons that will surely emerge
> >> with
> >> > the proliferation of directed identity and OPs.
> >> >
> >> > Chris
> >> >
> >> >
> >> >>
> >> >>
> >> >> Chris Messina wrote:
> >> >> >
> >> >> > On Sat, Apr 4, 2009 at 10:57 AM, santrajan <santrajan at gmail.com>
> >> wrote:
> >> >> >
> >> >> >>
> >> >> >> Yes but the consumer registration is still required right? I mean
> >> it
> >> >> >> wouldn't
> >> >> >> work without the OAuth key?
> >> >> >
> >> >> >
> >> >> > Auto-registration is a possibility. It's not unlike the association
> >> >> that
> >> >> > takes place in OpenID on the fly, to the best of my [limited]
> >> >> knowledge.
> >> >> >
> >> >> >
> >> >> >> Regarding centralized discovery I was thinking of a centralized
> >> >> >> repository
> >> >> >> for identities that will allow discovery and manage trust.
> >> >> >>
> >> >> >
> >> >> > You mean like Passport or Facebook? I'm not sure I understand what
> >> >> you're
> >> >> > proposing. Centralization is against the model and design of the
> web
> >> >> > (albeit, DNS is pretty much centralized discovery/resolution).
> >> >> >
> >> >> > Have you read about the Personal Discovery Service?
> >> >> >
> >> >> > http://sites.google.com/site/oauthgoog/Home/pds
> >> >> >
> >> >> > Chris
> >> >> >
> >> >> >
> >> >>
> >> >
> >> > --
> >> > Chris Messina
> >> > Citizen-Participant &
> >> >  Open Web Advocate
> >> >
> >> > factoryjoe.com // diso-project.org // vidoop.com
> >> > This email is:   [ ] bloggable    [X] ask first   [ ] private
> >> >
> >> > _______________________________________________
> >> > general mailing list
> >> > general at openid.net
> >> > http://openid.net/mailman/listinfo/general
> >> >
> >> >
> >>
> >> --
> >> View this message in context:
> >>
> http://www.nabble.com/OAuth-SPs-don%27t-have-to-be-your-OpenID-OP-tp22879703p22885000.html
> >> Sent from the OpenID - General mailing list archive at Nabble.com.
> >>
> >> _______________________________________________
> >> general mailing list
> >> general at openid.net
> >> http://openid.net/mailman/listinfo/general
> >>
> >
> >
> >
> > --
> > Chris Messina
> > Citizen-Participant &
> >  Open Web Advocate
> >
> > factoryjoe.com // diso-project.org // vidoop.com
> > This email is:   [ ] bloggable    [X] ask first   [ ] private
> >
> > _______________________________________________
> > general mailing list
> > general at openid.net
> > http://openid.net/mailman/listinfo/general
> >
> >
>
> --
> View this message in context:
> http://www.nabble.com/OAuth-SPs-don%27t-have-to-be-your-OpenID-OP-tp22879703p22885274.html
> Sent from the OpenID - General mailing list archive at Nabble.com.
>
> _______________________________________________
> general mailing list
> general at openid.net
> http://openid.net/mailman/listinfo/general
>



-- 
Chris Messina
Citizen-Participant &
 Open Web Advocate

factoryjoe.com // diso-project.org // vidoop.com
This email is:   [ ] bloggable    [X] ask first   [ ] private
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-general/attachments/20090404/937d54f7/attachment-0002.htm>


More information about the general mailing list