Consolidated Delegate Proposal

Dick Hardt dick at sxip.com
Tue Oct 10 18:35:23 UTC 2006


On 10-Oct-06, at 11:29 AM, Martin Atkins wrote:

> Dick Hardt wrote:
>>
>> Given that a Google of the delegate tag will yield all URLs
>> containing it,
>> there is no value in hiding delegation anymore.
>>
>
> If I considered it important enough, I could restrict access to my  
> Yadis
> document to only one party using various techniques, thus preventing
> search engines and the IdP from reading the data inside.
>
> Admittedly, this is a lot more effort than most users are likely to  
> go to.

I think that it is possible, but impractical -- and not sure it  
provides any advantage.

The IdP knows you are going to the RP. It just does not know which  
Identifier you are using at the RP, but it does know the delegate  
that you are using. I'm not sure what significant information this  
hides from the IdP.

-- Dick



More information about the specs mailing list