Final outstanding issues with the OpenID 2.0 Authenticationspecification

Alaric Dailey alaricdailey at hotmail.com
Thu May 17 20:57:51 UTC 2007


I hate to be a PITA but these issues were brought up a while ago by Eddy
Nigg and Myself.  





-----Original Message-----
From: joshhoyt at gmail.com [mailto:joshhoyt at gmail.com] On Behalf Of Josh Hoyt
Sent: Thursday, May 17, 2007 15:50
To: Alaric Dailey
Cc: OpenID specs list
Subject: Re: Final outstanding issues with the OpenID 2.0
Authenticationspecification

On 5/17/07, Alaric Dailey <alaricdailey at hotmail.com> wrote:
>  There are 2 issues that I would like to see addressed.
>
> 1. Forcing Encryption, to protect users data en-route.
> 2. Validated assertions, validating certain bits of data with a third
party.
>
> I know both of these have come up before, but have met with 
> resistence, I would submit that with Sun and AOL supporting OpenID 
> that these issues become more important, especially protecting the users
data.

There are valid use cases for both of these features, but I think that they
can be addressed in a future release of OpenID. I want to get the features
that are already implemented out to users. Part of what will be nice about
getting 2.0 out is that it will give us more freedom to start playing with
new ideas.

Josh




More information about the specs mailing list