[OpenID board] [oauth] Fwd: Question on implementation of OAUTH/OpenID for Set-top-box

Kamal Mehta kamal.mehta at gmail.com
Fri Apr 10 19:49:18 UTC 2009


Krishna,

Thanks and appreciate your response.

I have recently started evaluating OpenID/OAuth, so would like to go along
the same lines for implementation  of Custom OpenID Provider and would
follow same existing protocols to store credentials, Would also interested
in implementing Relying Party/Consumer the OpenID/OAuth way.

 BUT, everything follows once I have some blueprint on how I would able to
gracefully handle user authentication (using OpenID) w/out redirection
(using User Agent/Browser), may be thru some API level calls.

*Generally on a broader level, following is the base use case scenario:*

1. User Goes to any/my custom OpenID Provider site and register herself,
grabs OpenID.

2. User then switched to Set-Top-Box STB/Palystation and STB validates the
user authenticity, if not found in local cache, it will need to get User
authenticated with its OpenID Identifier from the OpenID Provider (w/out
redirection if possible).

3. STB gets the response, based on it would grab content from content
provider and presents to the authenticated user.

Rest my solution will follow everything laid out by the OpenId Standards,
such as credential/token caching/establishing trust/communication protocols
etc.

I have not yet drafted proposed architecture, yet but will do and can share
once I get past this point.

So would appreciate if you can talk/share something on that or guide/provide
pointers.

Thanks,
Kamal

On Fri, Apr 10, 2009 at 12:04 PM, Krishna Sankar (ksankar) <
ksankar at cisco.com> wrote:

>  Kamal,
>
>                 It is plausible. There are choreographies that can do
> app2app authC/authZ using OpenID/OAuth mechanisms.  The browser is one
> mechanism and imho is not the only one. It all depends on the trust fabric,
> the credential flow (how it is acquired, accessed and stored) and the
> capability of the devices.
>
>
>
> I would be happy to discuss – but I do not have any special knowledge on
> set-top box implementation. Have you worked out your general authC/authZ
> framework ? Also do you have the use cases /scenarios that requires these
> mechanisms ?
>
>
>
> Cheers
>
> <k/>
>
>
>
> *From:* oauth at googlegroups.com [mailto:oauth at googlegroups.com] *On Behalf
> Of *David Recordon
> *Sent:* Friday, April 10, 2009 11:47 AM
> *To:* general at openid.net List; OAuth
> *Cc:* board at openid.net >> board at openid.net
> *Subject:* [oauth] Fwd: [OpenID board] Question on implementation of
> OAUTH/OpenID for Set-top-box
>
>
>
> Hey Kamal,
>
> I'm forwarding your email to both the OpenID General and OAuth mailing
> lists.
>
>
>
> Cheers,
>
> --David
>
>
>
> Begin forwarded message:
>
>
>
>  *From: *Kamal Mehta <kamal.mehta at gmail.com>
>
> *Date: *April 10, 2009 12:30:31 AM PDT
>
> *To: *board at openid.net
>
> *Subject: **[OpenID board] Question on implementation of OAUTH/OpenID for
> Set-top-box*
>
> *Reply-To: *board at openid.net
>
>
>
> Hi,
>
>
>
> We are evaluating the integration of OpenID/OAUTH for our clients so that
> there could be a seamless user experience of Authentication on
> Playstation/Set-top-box. In due course we investigated it a bit and found
> that OpenID/OAUTH 2.0 follows a redirection model FROM Relying Party TO
> OpenID Provider through the UserAgent, which happens to be browser in all
> example implementation we have seen.
>
>  We have quick question, As described we are using Blue-Ray players which
> lacks the ability of having state-of-the-art browsers, is there any
> possibility of implementing OpenID and OAUTH w/out going thru browser route
> of redirection, such as any direct API call to get an authentication of
> user? Is it even feasible?
>
>  Are there any implementations done for Set-Top-Box by any other company we
> could leverage some design discussions?
>
>  Appreciate your early response.
>
>  Thanks in advance.
>
> --
> Regards,
> Kamal Mehta
> http://www.linkedin.com/in/kamalmehta
>
> _______________________________________________
> board mailing list
> board at openid.net
> http://openid.net/mailman/listinfo/board
>
>
>
>
> --~--~---------~--~----~------------~-------~--~----~
> You received this message because you are subscribed to the Google Groups
> "OAuth" group.
> To post to this group, send email to oauth at googlegroups.com
> To unsubscribe from this group, send email to
> oauth+unsubscribe at googlegroups.com <oauth%2Bunsubscribe at googlegroups.com>
> For more options, visit this group at
> http://groups.google.com/group/oauth?hl=en
> -~----------~----~----~----~------~----~------~--~---
>
>
>



-- 
Regards,
Kamal Mehta
http://www.linkedin.com/in/kamalmehta
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-board/attachments/20090410/9c7a4fe4/attachment.htm>


More information about the board mailing list