[OpenID] OpenID based decentralized social networking
Lukas Rosenstock
lukas.rosenstock at identity20.eu
Fri Jun 15 16:30:16 UTC 2007
As far as I understand this, it's not different from any usual access
control system except from the fact that the usernames are OpenIDs. So if
I create a website I can give my friend "xy.myopenid.com" the permission
to edit some sites and when she logs on using that identity URL, she is
granted that permission.
That takes us back to the "Sun-case", for example (seems not yet
implemented in Aroundme/Barnraiser) you could give "*.company.com" (= all
employees of a company) access to a system.
Am 15.06.2007, 18:12 Uhr, schrieb Peter Williams <pwilliams at rapattoni.com>:
>
> I'm intrigued in "All these are permission based using your OpenID."
> This suggests you extended OpenID with an authorization model, much like
> folks are extending OpenID - the standard - with Attribute Authorities,
> https name server proxies, etc
>
>
> Did you make the classical split of authorization functions - where the
> OpenID protocol access a "decision-making" module listing which
> entitlements the UCI has, whereas the RP application/agent "enforces"
> those entitlement limits in some context?
--
Lukas Rosenstock
Identity 2.0 Europe :: http://identity20.eu/
More information about the general
mailing list