[OpenID] Where's the added value?
Peter Williams
pwilliams at rapattoni.com
Thu Aug 30 02:24:52 UTC 2007
> -----Original Message-----
> From: general-bounces at openid.net [mailto:general-bounces at openid.net]
On
> Behalf Of Gerald Beuchelt
> Sent: Wednesday, August 29, 2007 6:59 PM
> To: Johnny Bufu
> Cc: OpenID List
> Subject: Re: [OpenID] Where's the added value?
>
> Johnny -
>
> I am trying to answer your questions and explain my points below, but
> in
> order to save us all from more argument exchanges, I withdraw not from
> the discussion on the list. If you (or anybody else) are interested in
> continuing, please let me know by personal email.
> Best,
>
> Gerald
[Peter Williams] I'd keep the conversation going actually, on this
thread. Bored folks can just write an elimination rule on the thread
topic.
At this almost-v2 point, with first-generation products coming to
market, rationales have to be written, argued, with appropriate
consensus positions getting formed: so salesfolks don't just hack away
at each other over minor points confusing sales - rather than
collectively forming a nicely competitive market, distinguishing
submarkets based on feature benefits, etc.
So far, I have heard how and accepted that cardspace benefits OpenID -
bringing me something no Liberty like system (e.g. SAML2) ever gave me:
trusted path UI, enabling an IDP to delegate user authentication UI to
the browser-host, and linking PPID controls to the likes of EV-assured
certs when communicating the (possibly writer-to-reader encrypted)
tokenblob to the RP over EV-assured SSL.
I have not heard how OpenID benefits cardspace, but do I really need to?
I have not heard how SAML2 or NameID management protocol benefits the
cardspace, world, either.
So, I'm prepared to hear why bundling cardspace trusted UI with OpenID
is appropriate.
If I speak as a buyer for a mo...I know when RSA came to us having so
tightly bundled their SAML2 federation server with the cleartrust
PDP/PEP product... it was rejected because of the very act of bundling.
We quickly saw almost all the market was bundled: with NDS, with Oracle
db, with J2EE operational culture - none of which suited us. Finally we
found a vendor that stood out from the "monolithic, million-dollar
identity management" model that seemed more about selling NDS, Oracle or
J2EE than getting webSSO effectively sorted out.
More information about the general
mailing list