[OpenID] What are openids weaknesses?
Peter Williams
pwilliams at rapattoni.com
Mon Sep 3 21:47:02 UTC 2007
Even better!
Now I have the pointer to where the interop discussion is occurring with an OpenID focus: http://blogs.zdnet.com/BTL/?p=3229. Ill go see how the interoperability issues are being framed, biased, motivated, justified etc
Following up the link in the zdnet article, somebody at http://www.identityblog.com/ has some listed some criteria for categorizing distinguished properties ("semantics") of various systems. These seem high level - rather than rules for actual inter-protocol gatewaying/proxying. But, at least its some criteria to start with.
I suppose the questions to ask going in are: What happens when OpenID's UCI-ness and reliance on secure Web-discovery have to match up with other doctrines (such as Shibboleth's metadata repository)? What are the impacts of differing ciphersuites on overall assurance? Are the distinguished criteria defined well enough now to allow for inference-based selection ..of which inter-system connections can satisfy certain end-end goals?
Now I think I finally understand what Mark was saying, when arguing for a std ontology for id systems, with one or other websso protocol. It's not just a question of defining another collection of standard attributes/claims, matching rules and formats/types. Its the distinguished properties of the various management systems handling those attributes that really matters, assuming there will always be several/many worlds of id management.
I'd NEVER have got ANY of this understanding about the OpenID community from just reading the specs!!
________________________________
From: general-bounces at openid.net on behalf of Patrick Aljord
Sent: Mon 9/3/2007 1:21 PM
To: OpenID List
Subject: Re: [OpenID] What are openids weaknesses?
Thanx to all for your great answers. Let's hope OSIS help all the SSO
system to live and communicate better with each other.
Johannes, what does the openid and lid i-names gif mean? and your
address jernst+openid at netmesh.us? is that a way to embed i-name,
openid and emails together?
_______________________________________________
general mailing list
general at openid.net
http://openid.net/mailman/listinfo/general
More information about the general
mailing list