OpenID 3.0
Eddy Nigg (StartCom Ltd.)
eddy_nigg at startcom.org
Mon Feb 4 17:25:04 UTC 2008
McGovern, James F (HTSC, IT) wrote:
> The provider authentication policy extension handles half of this
> already (telling you what checking the OP did). It does not cover the
> trust issue though, so without a pre-existing trust relationship there
> is no reason to believe the PAP assertions.
>
Right!
> The trust side is something that would be interesting to see addressed
> in future specs.
>
It has been brought up various times here without any success. Either
the OpenID designers have something very specific in mind for the future
in that respect (and which will come from outside the specs) and/or the
i-names/i-numbers will be the only game in town at some point? Not sure,
just guessing...
> [JFM] Strongly agree here. OpenID needs to be used for more than just
> blog sites and free email providers. If businesses who conduct commerce
> in a B2B scenario were to embrace, the notion of trust needs to be
> discussed.
>
Absolutely agree in both accounts here too. OpenID doesn't want to
address this issue (even it should so in some form). Even a watered-down
federation of OPs for white lists in order to tackle spam was suggested
previously...
The only way to do that, as you indicate below, is by hand-picking the
OPs you trust. This can be one or many...
>
> This is already possible with OpenID 2.0:
> 1. make the Sun OP provide an OP identifier URL that can be used to
> initiate a directed identity request to authenticate any user of the OP.
> 2. to authenticate, the Sun employee store would initiate an OpenID
> request against the URL from (1) rather than asking the user to enter an
> identity URL.
>
--
Regards
Signer: Eddy Nigg, StartCom Ltd. <http://www.startcom.org>
Jabber: startcom at startcom.org <xmpp:startcom at startcom.org>
Blog: Join the Revolution! <http://blog.startcom.org>
Phone: +1.213.341.0390
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-specs/attachments/20080204/478599ca/attachment-0002.htm>
More information about the specs
mailing list