[OpenID] Initial thoughts on OpenID

=nat n-sakimura at nri.co.jp
Tue Jul 10 10:05:32 UTC 2007 

Hi.
 
It was first time for me to see the PAPE and was nice. At the same time, I
started to wonder about the relationship between AQE and PAPE. If you
(David) could enlighten me on this topic, it would be very nice. 
 
Now, coming to the topic of this "classified OPs", I would rather like to
think of it as the AQ and Reputation issue. 
To me, Assertion Quality is defined by "Enrollment Quality", "Authentication
Quality", and "Operational Quality of OP". 
AQE has the first two (though I would like to add several more enrollment
properties: oob is too broad. I would like to see something like
In-Person-with-photo-id etc. added.) . The last one can be taken care of by
Reputation (and audit). 
 
Ideally, there would be multiple reputation services that RP can subscribe. 
Also, for audit, OPs should be able to present the audit status, which can
be verified at the audit service provider site in turn. 
 
This way, we would avoid having central authority classifying OPs and yet
allwoing RPs to have reasonable information for the evaluation of the
assertion. 
 
=nat


  _____  

From: general-bounces at openid.net [mailto:general-bounces at openid.net] On
Behalf Of Recordon, David
Sent: Monday, July 09, 2007 4:13 AM
To: John Wang; OpenID - General
Subject: Re: [OpenID] Initial thoughts on OpenID



Hey John,

Saw your post yesterday and actually syndicated it on
http://planet.openid.net.

 

Generally I agree with you, I think the classification of providers and
reliers is reasonable though really crosses the border from just the OpenID
world as well.

 

I don't think I agree that there are a lot of Relying Parties also issuing
OpenIDs and then only consuming their own.  Rather, I think part of the
current problem is there being an unproportionate number of Providers to
Relying Parties.  This is however changing with sites like http://ma.gnolia.
com only being an OpenID Relying Party and AOL bringing on Relying Parties
later this month.

 

Have you seen
http://openid.net/specs/openid-provider-authentication-policy-extension-1_0-
01.html by any chance?

 

--David

 

From: general-bounces at openid.net [mailto:general-bounces at openid.net] On
Behalf Of John Wang
Sent: Saturday, July 07, 2007 11:27 PM
To: OpenID - General
Subject: [OpenID] Initial thoughts on OpenID

 

Recently I started considering OpenID authentication for a project. I
watched two screencasts and spoke to a few people to get a general feel for
the project and then jotted down my thoughts here:

http://www.dev411.com/blog/2007/07/07/initial-thoughts-on-openid

Some of the thoughts are similar to some posts on this list. Please let me
know where/if I'm wrong. I considered inlining the text but it's kind of
long. 

--
John Wang
http://www.dev411.com/blog/

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-general/attachments/20070710/e72a3f8c/attachment-0001.htm>

More information about the general mailing list