[OpenID] Demo Travel/ retailshop

Peter Williams pwilliams at rapattoni.com
Sun Apr 26 23:24:09 UTC 2009


or. im an rp and I give the association secret to my delegated rp-partner, who is now authorizd to ask for non-identity claims (given the restrictions in his RP XRDS and the nature of the association id). Lets recall, from plaxo, external association managers are now legitimate. no reason why one cannot consider oauth to be an "extenrnal" association manager, or a "complementary" association manager between RPs to faciliate rights delegation for non-identity requests/assertions.
________________________________________
From: general-bounces at openid.net [general-bounces at openid.net] On Behalf Of SitG Admin [sysadmin at shadowsinthegarden.com]
Sent: Sunday, April 26, 2009 3:53 PM
To: Andrew Arnott
Cc: general at openid.net
Subject: Re: [OpenID] Demo Travel/ retailshop

>Effectively, the RP would be asking an OP "I already know who this
>user is, but I'd like to learn more about them."

Could it be used for "I don't care who this user is, I just want to
learn more about them."?

-Shade
_______________________________________________
general mailing list
general at openid.net
http://openid.net/mailman/listinfo/general



More information about the general mailing list