Proposal for Modularizing Auth 2.0 Discovery
Johannes Ernst
jernst+openid.net at netmesh.us
Fri Mar 2 20:46:58 UTC 2007
While I'm strongly in favor of modularization from an architectural
perspective, is there a potential security problem here if multiple
protocols are developed to resolve the same kind of identifier?
(because they could resolve to a different set of endpoints / services)
It appears to me that the only way this can work is that while we
modularize, we only let the same set of people who have defined some
of the "plug-in" documents define new "plug-in" documents how to do
discovery. The Yadis decentralized innovation model -- everybody
define the service types they like, they don't need to ask anybody --
may not work here.
Or am I off-base?
Cheers,
Johannes.
Johannes Ernst
NetMesh Inc.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: openid-relying-party-authenticated.gif
Type: image/gif
Size: 903 bytes
Desc: not available
URL: <http://lists.openid.net/pipermail/openid-specs/attachments/20070302/00fb000a/attachment-0004.gif>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: lid.gif
Type: image/gif
Size: 973 bytes
Desc: not available
URL: <http://lists.openid.net/pipermail/openid-specs/attachments/20070302/00fb000a/attachment-0005.gif>
-------------- next part --------------
http://netmesh.info/jernst
More information about the specs
mailing list