Consolidated Delegate Proposal
Dick Hardt
dick at sxip.com
Tue Oct 10 18:35:23 UTC 2006
On 10-Oct-06, at 11:29 AM, Martin Atkins wrote:
> Dick Hardt wrote:
>>
>> Given that a Google of the delegate tag will yield all URLs
>> containing it,
>> there is no value in hiding delegation anymore.
>>
>
> If I considered it important enough, I could restrict access to my
> Yadis
> document to only one party using various techniques, thus preventing
> search engines and the IdP from reading the data inside.
>
> Admittedly, this is a lot more effort than most users are likely to
> go to.
I think that it is possible, but impractical -- and not sure it
provides any advantage.
The IdP knows you are going to the RP. It just does not know which
Identifier you are using at the RP, but it does know the delegate
that you are using. I'm not sure what significant information this
hides from the IdP.
-- Dick
More information about the specs
mailing list