[OpenID] FW: ProtectNetwork ID Activation Successful!
Nate Klingenstein
ndk at internet2.edu
Sat Apr 5 18:34:43 UTC 2008
Peter,
This is nothing new, and nothing "forced". ProtectNetwork has been
offering support for both protocols for at least a year, and they've
been one of the registrars for TestShib since its inception, for
which we're grateful. I hope TestShib's been a useful facility for
you and you've had a good experience with Shibboleth so far.
I've always viewed any animosity perceived between these communities
as, frankly, destructive and foolish. Protocols are just protocols,
tokens are just tokens, and it's possible to do most of the same
things using both these and other long-forgotten options, like the
Liberty Alliance ID-* and ADFS. Different deployment styles and
operations are more difficult or more open or more secure or more
simple with different protocols, but at the end of the day, it's all
just flavor. I believe all identity providers should follow
ProtectNetwork's lead and support every protocol possible.
On the other hand, there is an interesting discussion about trust
models and attributes that we could be having instead. I know OpenID
is encountering a much more enterprise world right now. This
transition is causing angst and even some accusations, with anger
over white-lists, black-lists, and the buttons being used for session
initiation by some major identity providers. We've always focused on
large-scale deployments, especially through federations, and maybe
some of our practical experience would be useful.
Federated identity infrastructure for applications is our common
goal. It's not glamorous. It's plumbing. We should all tone down
the rhetoric so we can better focus on collaborating towards this as
much as possible. Our true foe is the "Remember this password?"
button in your browser, and right now, it's winning.
Take care,
Nate.
On 5 Apr 2008, at 17:59, Peter Williams wrote:
> Convergence is happening nicely. I think OpenID has been the
> forcing function!
>
> The note below was a very pleasant surprise to me, as Id assume'd
> largely OpenID deniall (if not restrained hostility) from all the
> US contingent of the Shibboleth community. But to the contrary: the
> very provider facilitating signup to the test-Shib process verly
> prominent promotes OpenID. This has to be significantly raising the
> profile of OpenID in the academic SAML world.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-general/attachments/20080405/5031cd4e/attachment-0001.htm>
More information about the general
mailing list