IdP vs OP (WAS: RE: "Editors" Conference Call)
Dick Hardt
dick at sxip.com
Tue Nov 7 15:35:22 UTC 2006
On 6-Nov-06, at 11:46 AM, Recordon, David wrote:
> I see both sides of this discussion. I think John is correct that the
> role of an OP really is not that different than that of SAML's IdP. The
> difference comes down to the trust model. I certainly think reputation
> networks will exist which rate OPs, RPs, users, etc. and will ultimately
> be needed for technologies with "promiscuous trust models" to thrive
> in a large scale.
>
> I guess reading more of this is making me question if renaming IdP
> really is the best thing to do in OpenID. I think if anything we all,
> as a larger community, should be working to bring OpenID and SAML closer
> together versus driving them further apart.
I don't see this as driving SAML apart from OpenID. I see it as
differentiating OpenID as being user-centric vs federated. The IdP
has specific meaning in the federated world. A key differentiator
with OpenID is that trust is not needed between the OP and the RP. It
is implied and perhaps needed in the IdP / RP relationship.
-- Dick