[OpenID] Where's the added value?
Johnny Bufu
johnny at sxip.com
Wed Aug 29 18:04:05 UTC 2007
Hi Eric,
On 28-Aug-07, at 5:24 PM, Eric Norman wrote:
> On Aug 28, 2007, at 1:08 PM, Johnny Bufu wrote:
>
>> That's the general OpenID approach. The flow we're proposing is
>> "OpenID wrapped into Infocard".
>
> Could someone provide a list of the additional benefits that would
> accrue to the various parties with such an approach? That is, for
> instance, how does this approach improve the situation for relying
> parties over what they already have with just Information Cards?
I don't think the above is phrased entirely correct. There aren't
"just Information Cards". The ones I believe you are referring to are
Information Cards carrying SAML tokens. The ones we're proposing are
Information Cards carrying OpenID tokens.
Since the SAML tokens were the first, I can see how they may seem to
be the only choice.
Why an RP would choose to implement Infocards + OpenID tokens over
Infocards + SAML tokens is a question that falls within the general
"OpenID vs SAML" dispute.
The OpenID Information Cards specification targets existing OpenID
RPs (which require minimal changes), and offers them a new means of
requesting / transporting the OpenID claims / assertions, which has a
few advantages over the regular OpenID flow.
Johnny
More information about the general
mailing list