[OpenID] OpenID based decentralized social networking
Peter Williams
pwilliams at rapattoni.com
Mon Jun 18 16:24:35 UTC 2007
Thanks for the context. I still have not really distinguished in my mind the "social networking" design features of OpenID, vs. implementation value-add But, My best effort to summarize the architecture as I understand it - after 2 weeks - are at the end of what follows. I use X.800 nomenclature, a security vocabulary where I got my core training, or OASIS SAML terminology):-
Security Mechanisms
OpenID Associations [Pairwise message-authentication-key or handle]
OpenID Signature (Protocol) [Remote Operation to TTP message-authentication server]
OpenID Discovery (Protocol) [Knowledge-based system, for determining authoritative name server & services]
OpenID XRI Resolver (Protocol) [Knowledge-based proxy, handling UCIs in form of persistent https URIs]
Security Protocols
OpenID Authentication [WebSSO flow using Redirect Binding]
OpenID HTTP Authentication [ WebSSO flow using HTTP Authorization Binding]
OpenID Exchange [ Attribute Authority flow]
Security Services
OpenID WebSSO [OpenID Website Authentication in given Management Domain]
OpenID WebServicesSSO [OpenID HTTP Authentication in given Management Domain]
OpenID Exchange <Dependent Services> [Attribute contracts]
OpenID Exchange for "Registration Personas" [Profiling contract]
OpenID Exchange for "Social Networking" [Groupware contract]
Secure System for Social Networking
OpenID WebSSO + Exchange + Groupware contract + microformats + semantic links + XRD file extensions + Firefox plugins
More information about the general
mailing list