Special Request: Client Certificates vs. OpenID

McGovern, James F (HTSC, IT) James.McGovern at thehartford.com
Mon Jan 22 17:08:29 UTC 2007


Last week I sent a note to the list inquiring whether anyone on this list wanted to participate in our industry vertical standards body in hopes of ratifying OpenID as an endorsed horizontal specification. In terms of preparation, it would be greatly appreciated if Dick Hardt, Johannes Ernst and other bloggers could from their blog discuss user-centric identity as a potential solution to industry vertical concerns since nothing neutral (produced by a vendor and not an insurance carrier) exists in this regard.

Other industry verticals such as Pharmaceutical have embraced PKI approaches where they issue client certificates to participants. Many PKI vendors have in secret created user certificate management issues, the inability to allow for roaming users, sharing of desktops, and other concerns that I am of the belief that user-centric approaches could handle. Of course PKI-centric and user-centric don't have to be mutually exclusive but it would be wonderful if the blog entry reflected how approaches such as SAFE (pharma) would have looked in a user-centric world.




*************************************************************************
This communication, including attachments, is
for the exclusive use of addressee and may contain proprietary,
confidential and/or privileged information.  If you are not the intended
recipient, any use, copying, disclosure, dissemination or distribution is
strictly prohibited.  If you are not the intended recipient, please notify
the sender immediately by return e-mail, delete this communication and
destroy all copies.
*************************************************************************

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-specs/attachments/20070122/9a485803/attachment-0002.htm>


More information about the specs mailing list