[OpenID] Can one use Generic OpenIds
Dave Kearns
dkearns at gmail.com
Tue May 22 16:52:06 UTC 2007
From: David Fuelling
>
> Only a few weeks ago, when Sun announced that all of their employees would
> have OpenId's (and by proxy, all of these employees could identifi
> themselves as sun employees using these ids) there was a lot of discussion
> (around the web) relating to why this is a bad idea. Might be worth
> searching around for some of the reaction to the Sun announcement
> (I can't think of a direct url link at the moment).
>
There was much chest-thumping on this list, but many of the outside comments
I read were similar to mine
<http://vquill.com/2007/05/at-last-real-work-for-openid.html>, that - absent
any agreement on AX - this wasn't a particularly bad idea at all.
Still, the Sun construct is based on the domain issuing the OpenID, whereas
this new proposal bases the deduction on the more ephemeral part of the URL,
which would be difficult to keep secure with any sort of group access.
-dave
More information about the general
mailing list