[OpenID] OpenID Information Card
Johnny Bufu
johnny at sxip.com
Tue Dec 18 18:31:47 UTC 2007
Hi Prabath,
On 18-Dec-07, at 4:03 AM, Prabath Siriwardena wrote:
> In a normal, OpenID case, once the user enters his OpenID at the
> relying party - he will be redirected to the OpenID Provider for
> authentication - and also there will be an association between the
> OpenID RP and the OpenID Provider. So, in the case of OpenID
> Information Card , there will be no direct communication between the
> OpenID RP and the OpenID Provider. Is this a correct understanding?
Only half of it:
- the RP is not be able to make an association with the OP, because
it doesn't know the user's identifier until the final step
- the RP *has to* make a direct call to verify the signature of the
assertion directly with the OP.
> My second question is - with this approach are we losing the Single
> Sign-on feature found with normal OpenID case?
Not sure what exactly you are referring to here - can you provide an
example?
> Third - we won't be able to use Personal Infocards for this approach?
Assuming you mean "self-issued cards", then yes - OpenID Infocards
are a type of managed cards.
Johnny
More information about the general
mailing list