[OpenID] Can one use Generic OpenIds

David Fuelling sappenin at gmail.com
Tue May 22 16:26:24 UTC 2007 

Seems like it's not a good idea to mix the identifier with an attribute of
the identifier.  If you want to say that "beth" (e.g.) is a member of a
given group (like "staff"), then this should somehow be reflected in some
kind of attribute for Beth's OpenId.  You might want to look at the
Attribute Exchange spec for this kind of thing (although I don't know if
group/role data is part of that spec, but I don't see why not).

Only a few weeks ago, when Sun announced that all of their employees would
have OpenId's (and by proxy, all of these employees could identifi
themselves as sun employees using these ids) there was a lot of discussion
(around the web) relating to why this is a bad idea.  Might be worth
searching around for some of the reaction to the Sun announcement (I can't
think of a direct url link at the moment).

david

On 5/21/07, Peter (pt) Sefton < pt at ptsefton.com> wrote:
>
> Hi,
>
> I'm new here. I have tried to find an answer to my question via the
> archive and the rest of the web, but no luck.
>
> Is it reasonable to use OpenId with generic IDs? For example could my
> employer, a university have a generic ID like
> http://openid.myuni.edu.au/staff which would authenticate me as an
> anonymous staff member? We could then make a federation of universities who
> all trusted each other staff, maybe to provide WIFI.
>
> For other cases which required the site I am visiting to know who I am, I
> could use http://openid.myuni.edu.au/staff/my.name .
>
> Maybe I also have a role as a student:
> http://openid.myuni.edu.au/student/postgrad.
>
> In this case I would not have to even remember all these URLs - the host
> site could have a kind of "Where are you from, what role do you have" form,
> so I would pick my home institution off a list, then say I'm a staff member
> and I want to remain anonymous, which is enough to generate the id:
> http://openid.myuni.edu.au/staff
>
> Is this being done already? Is it wrong in some way?
>
> Peter
>
> --
>
> Peter Sefton
> Senior Research Fellow / RUBRIC Technical Manager
> RUBRIC Project, DeC
> University of Southern Queensland
> Toowoomba Queensland 4350 AUSTRALIA
>
>
> Work: sefton at usq.edu.au
> Private: pt at ptsefton.com
>
> p: +61 (0)7 4631 1640
> m: +61 (0)410 326 955
>
> RUBRIC Website: http://www.rubric.edu.au
> USQ Website: http://www.usq.edu.au
> Personal Website: http://ptsefton.com
>
> RUBRIC is supported by the Systemic Infrastructure Initiative as part of
> the Commonwealth Government's Backing Australia's Ability - An
> Innovative Action Plan for the Future
> (http://backingaus.innovation.gov.au)
>
> The University of Southern Queensland is a registered provider of
> education with the Australian Government.
>
> (CRICOS Codes: QLD 00244B | NSW 02225M | VIC 02387D | WA 02521C)
> _______________________________________________
> general mailing list
> general at openid.net
> http://openid.net/mailman/listinfo/general
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-general/attachments/20070522/e63c2ff8/attachment-0002.htm>

More information about the general mailing list