CX proposal update
Allen Tom
atom at yahoo-inc.com
Thu Jan 22 20:43:14 UTC 2009
Hi Nat,
Can you define the term "contract"? Is it legally binding? It is just a
signed set of attributes? Who are the parties involved with signing the
contract? The RP, OP, and user? Instead of defining a new CX extension,
would it just be sufficient to define new attributes using AX?
Would it make more sense to use OAuth instead of defining a new OpenID
extension? OAuth is designed to allow a user to authorize an RP (aka
Consumer) to access protected resources hosted by the user's OP (aka
Service Provider). It might make more sense to use the OpenID+OAuth
hybrid protocol along with an OAuth protected web service to exchange
contract information.
Thanks
Allen
Nat Sakimura wrote:
> I have edited the Contract Exchange Proposal on the wiki.
>
> http://wiki.openid.net/Working_Groups%3AContract_Exchange_1
>
> It is substantially shorter and easier to parse, hopefully.
>
> Please discuss.
>
> --
> Nat Sakimura (=nat)
> http://www.sakimura.org/en/
> ------------------------------------------------------------------------
>
> _______________________________________________
> specs mailing list
> specs at openid.net
> http://openid.net/mailman/listinfo/specs
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-specs/attachments/20090122/87db6d91/attachment-0002.htm>
More information about the specs
mailing list