[OpenID] Verisign Seatbelt "vs" ClaimOP/RP -- OpenID not soopenanymore?

[Peter Williams]

We can test whether VeriSign seatbelt technical protocols and administration framework work is open, or not.

Open technologies allow leading implementations to be replaced, and no barrier shall exist for users of the latter to obtain from such as Aol all the technical features and technical security benefits that the former, Sealtbelt users obtain today.

VeriSign is, note, entirely entitled to add service delivery values, audit practices and financial warranties etc - so as to  differentate sealbelt from other services based on the same protocols and protocol bindings.


VeriSign specifying and using a public OpenID binding -requiring https and alowing optional validaton by a trusted https/wininet client of its extended validation certs,  say  - which might together provide assurance that risks of phishing are mitigated by a unique integration  of technical and legal controls - is an entirely proper id mgt service, built on open technology.


....

certainly working to have the SeatBelt up on Mozilla's Add-Ons
page and at that point will provide it for public download as well as
providing documentation with it.  Certainly not trying to do anything
closed, which I hope is shown by the fact that it isn't just limited to
VeriSign's OpenID Provider nor a set list of Providers, but rather any
Provider can add the configuration markup and work with the SeatBelt.

--David