[OpenID] Infocards [SAML Token] Vs OpenID Infocards[OpenID Token]
Peter Williams
pwilliams at rapattoni.com
Thu Dec 20 00:24:15 UTC 2007
that the unique pseudonym service is in effect betwen the peers does not preclude the existance of an sp-affiliation - where the master sp provides an accountlinking name (e.g. an openid!!) that other RP refer to the originating entity as.
I think I said this along time ago: sp-affiliation with account linking of pseudonuym-protected orcon-managed identities is a nice way to auto-provision openids.
I think some of my early mails to this list had examples of the pseudonym being used as a component of a dynamically provisioned openid. As I recall, I think I disclosed the method to prevent it being (validly) patented.
________________________________
From: general-bounces at openid.net on behalf of =JeffH
Sent: Wed 12/19/2007 3:54 PM
To: general at openid.net
Subject: Re: [OpenID] Infocards [SAML Token] Vs OpenID Infocards[OpenID Token]
Johnny Bufu wrote:
>
> The same OpenID identifier can thus be used across many RPs (if one
> wishes to build reputation around it), a feature which I believe
> cannot be accomplished with the current Infocard + SAML specification
So, i took a look at Identity-Selector-Interop-Profile-v1.pdf
Yes, that particular profile is apparently stipulating use of a pair-wise
pseudonym between the IDP and each RP. See e.g. 4.3.4. Client pseudonym.
That doesn't mean it has to be done that way in any companion profile that's
cooked up. Nor does it mean that an RP cannot facilitate the user's setting of
whatever "display name" the user wishes on that site.
=JeffH
_______________________________________________
general mailing list
general at openid.net
http://openid.net/mailman/listinfo/general
More information about the general
mailing list