[OpenID] cryptographics web of trust
Peter Williams
pwilliams at rapattoni.com
Sun Aug 12 15:40:39 UTC 2007
http://openid.net/wiki/index.php/OpenIDChanges#IdP-driven_Identifier_Selection
Here we see the OpenID auth protocol (proposed) using a URI to identify the IDP - rather than the user. As a provider of a naming context, that IdP is entitled to help an interactive user select which of several URI names to use, when creating an assertion for use by the consuming website. Those names may be from the naming context of the IdP, or any other IdP with which the agent has "some relation" (e.g. multi-mastering, subordination, name context federation...).
Thus, we do need clearly to label an OP Agent (opting to use RDF) with a FOAF-style URI, as presumably its FOAF relationships to other IDPs controlling other naming contexts for end users will need to be modeled and represented. This is a wot for the OPs, as opposed to the wot for the end users. These are conventionally modeled as two different sets of knowledge - though need not be.