[OpenID] trust management in town-town realty trust environments: SAML2 and openid cooperation in practice?

Peter Williams pwilliams at rapattoni.com
Sun May 27 21:00:47 UTC 2007


Some of us in the organized realty infrastructure community are thinking of going beyond the current wave of SAML2-based SSO adoption, enabling 1.3 million Realtors in the US to also now explore the openid world. As Realtors are all now very web-aware (not just internet-aware), and ever competing amongst themselves to define and deliver differentiated value, they tend to be reaching out to the next wave of buyers and sellers by whatever means necessary - so they can market their own unique variety of agency and counsel, during the complex real estate transaction. Most of us who decide not to do our own house conveyancing use Realtors we trust - and often the Realtor we meet is a family member, a neighbor, or a friend of a friend!
 
To this end, some of us have been attempting to reach out to leading lights in the openid community to join in thought leadership conferences within Realty, where the merits and demerits of a co-mingled openid and SAML2 world can be argued and then defined. At this point, the issues are clearly not about any lack of any technology.
 
And, as working code is usually the best way to deliver thought leadership, I want to get some interworking going quickly - whether it's a yahoo (openid) hookup, a live.com Virtual Earth mapping hookup, or easy signup to livejournal by all 80,000 realtors in Northern California. Any and all such demos are all good stuff.
 
To this end, I'd like to deliver a showcase openid-integration with a model, 3 page (ASP.NET) website built in MS Studio 2003, that is already showcasing integration of some SAML2 SSO handlers with a couple of .NET sample login pages and a demo landing showcasing session management, login cookies and SSO. A (decent) result could be highlighted at a national-level conference, attended by 30,000 realtors. To assist the community in return, I can arrange to subsidize cost of the infrastructure, paying for bandwidth to distribute the integration hooks for a few months, or (US-only) flight costs to attend a panel discussion at a conference etc, etc. Cash for this is not hard to find; practical leadership capability is.
 
In protocol terms, my aim would be to take the openid .NET library, integrate it with an existing, simple (showcase-grade) set of SAML2 service provider .aspx web handlers, and use SAML2's SP-initiated SSO to cause an inbound openid request to be vectored over to a production-grade (& audited, crypto-hardware capable) SAML2 identity provider. On the return trip, the SAML2 token would be relied upon by the SAML2-SP/openid-IDP site and then recast as an openid token - for consumption by the openid relying party.
 
Peter.
 
-------
 
FYI:-
 
Organized realty is a fun industry for identity system designs - as it's incredibly decentralized in its administration and (trust) rule making. Each town's real estate professionals essentially define their own competitive rules of the local market, with the rules ebbing and flowing in rhythm to the latest year's local ongoings in this and that town and - importantly - the neighboring towns where housing markets often overlap. This induces cross-town identity brokering, importantly. This should all be fertile ground for user-centric trust modeling *because* (a) 1.3 million realtors are actually independent contractors in general who change their association with a brokerage at will, and (b) the dynamic nature of the brokered real estate market makes for very interesting, very localized, highly social use cases - where there is a constant ebb and flow in the trust relationships.
 
 
________________________________

From: general-bounces at openid.net on behalf of Amiri Barksdale
Sent: Sat 5/26/2007 11:21 AM
To: general at openid.net
Subject: Re: [OpenID] Basic Consumer Problem
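
Added example, not part of the original post or of any library it mentions: a sketch of the bridge described above (SAML2 SP on one side, OpenID provider on the other), showing the checks that bind the returning SAML2 assertion to the parked OpenID request before it is recast. It assumes OpenID 1.1 message fields, a SAML2 response already signature-verified and parsed into a dict, and hypothetical names (`start_sso`, `finish_sso`, `id_map`, the `bridge.example` entityID).

```python
import base64, hashlib, hmac, secrets, time

# Hypothetical names throughout. Assumes the SAML2 response was already
# signature-checked and parsed into a dict by the SP handler.
BRIDGE_ENTITY_ID = "https://bridge.example/saml/sp"   # constructed entityID
PENDING = {}   # SAML AuthnRequest ID -> parked OpenID request

def start_sso(openid_req):
    """Park an inbound OpenID checkid_setup and open SP-initiated SSO."""
    if openid_req.get("openid.mode") != "checkid_setup":
        raise ValueError("unsupported openid.mode")
    req_id = "_" + secrets.token_hex(16)      # unguessable AuthnRequest ID
    PENDING[req_id] = dict(openid_req)
    return {"ID": req_id, "Issuer": BRIDGE_ENTITY_ID}

def finish_sso(assertion, assoc_handle, assoc_key, id_map, now=None):
    """Check the SAML2 assertion, then recast it as an OpenID 1.1 id_res."""
    now = time.time() if now is None else now
    # One-shot lookup: unsolicited or replayed responses find nothing.
    req = PENDING.pop(assertion.get("InResponseTo"), None)
    if req is None:
        raise ValueError("unsolicited or replayed SAML response")
    if assertion.get("Audience") != BRIDGE_ENTITY_ID:
        raise ValueError("assertion was issued for another SP")
    if now >= assertion.get("NotOnOrAfter", 0):
        raise ValueError("assertion expired")
    # The IdP-asserted subject must own the OpenID the relying party asked about.
    identity = id_map.get(assertion.get("NameID"))
    if identity is None or identity != req.get("openid.identity"):
        raise ValueError("SAML subject does not match claimed OpenID")
    fields = {"mode": "id_res", "identity": identity,
              "return_to": req["openid.return_to"]}
    signed = "mode,identity,return_to"
    # OpenID 1.1 signs the key:value form of the listed fields with HMAC-SHA1.
    kv = "".join(f"{k}:{fields[k]}\n" for k in signed.split(","))
    mac = hmac.new(assoc_key, kv.encode(), hashlib.sha1).digest()
    resp = {"openid." + k: v for k, v in fields.items()}
    resp.update({"openid.assoc_handle": assoc_handle, "openid.signed": signed,
                 "openid.sig": base64.b64encode(mac).decode()})
    return resp
```

The `id_map` lookup stands in for whatever account linkage the bridge keeps between SAML2 NameIDs and OpenID URLs; without that check, any subject the identity provider authenticates could be asserted under someone else's OpenID.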


 


