[OpenID] caller_id + federation (was: call it federation (was: thoughts on a consumer drivenidp affiliate program ))
S. Sriram
ssriram at gmail.com
Wed Jan 10 16:31:38 UTC 2007
From: "David Nicol" <davidnicol at gmail.com>
>
> and a request from a known-whitelisted REFERER would be
> trivially forgeable. With federation, the first site becomes the IDp
> for the second site, and the users own IDp does not need to be
> bothered.
>
Okay, to recap caller_id would be useful inasmuch it helps the consumer
bypass requesting the user to fillin their id and click login, the consumer
would intiate the openid login process. In respect of federation, the
consumer would perform a handshake with the idp to get the openid
and would than log the user in.
So, a drop-in OpenId federator that understood the following two calls
should do the trick
(1) ?caller_id=<openid here>&continue=<destination url here>
(2)
?caller_pass=http://idpservice.urltogetidfrom?coupon=id&continue=<destination
url>
In both cases, consumer c(w)ould do a whitelist lookup even before
undertaking
the requested excercise.
In case (1) the consumer would initiate an openid login dance
In case (2) the consumer would intiate a handshake with idpservice at url
provided with
coupon id and retrieve an openid which the consumer than would use to log
the
enduser with.
S. Sriram
More information about the general
mailing list