Some suggestions about Open Id AX profile

SitG Admin sysadmin at shadowsinthegarden.com
Wed Jun 3 20:07:23 UTC 2009


>Score is not about the OP; it's about the method used to gather the 
>attributes itself.

Which is good if you trust the OP to score itself.

>In my opinion, and to keep things easy, trust should be binary: I 
>[trust|don't trust] this OP.

For you as a Relying Party this seems workable; but since your users 
are placing their trust in *you*, while at the same time the actual 
entities they end up trusting are the OPs of those people they are 
forming/signing contracts with, this seems like an untenable position 
unless you can either restrict the OP (whitelist) to those you have 
verified (or had verified for you by a 3rd party *you* trust), which 
doesn't give users much freedom to select their OPs but does limit 
possible abuses, or fairly transfer responsibility for trust onto 
users.

>But what if (and this is only an early idea) user A asks its OP 
>saying, I want to know B's name. So A's OP would then ask B's name 
>to B's OP the same way an RP would do.

Except that A's OP isn't necessarily an RP; there is something called 
OAuth that might fit better here.

-Shade


