[OpenID] OpenID Description?

Stephen Edgar stephen at netweb.com.au
Thu Apr 17 19:09:08 UTC 2008 

Thanks for the reply Drummond,

I will forward this to Roger

Cheers,

Stephen Edgar

-----Original Message-----
From: Drummond Reed [mailto:drummond.reed at cordance.net]
Sent: Friday, 18 April 2008 5:01 AM
To: Stephen Edgar; 'openid-general List'
Subject: RE: [OpenID] OpenID Description?

Stephen,

Unfortunately, as much as you would expect http://openid.org to represent
the OpenID Foundation, it does not (the owners said they wanted to donate
the domain to the OpenID Foundation but they did not). The official OpenID
Foundation site is at http://openid.net/. I'm sincerely hoping that the
information you find there is not "sales blarney".

Second, the fourth assumption on your bullet list below - "the intention
that each person have only one id" - is definitely not true. A key feature
of OpenID 2.0 is widely referred to as "directed identity" after Kim
Cameron's Fourth Law of Identity
(http://www.identityblog.com/stories/2005/05/13/TheLawsOfIdentity.pdf). This
feature allows a user to login to a relying party (RP) with the identifier
of their OpenID Provider (OP) rather than their own identifier, and for the
OP to generate a pairwise unique OpenID identifier for the user at that
particular RP.

If you want a deeper analysis of that feature, plus other privacy-related
features of OpenID, one reference is a paper on OpenID discovery I gave last
month at the IDtrust Symposium:


http://middleware.internet2.edu/idtrust/2008/papers/01-reed-openid-xri-xrds.
pdf

George Fletcher of AOL also gave another OpenID paper there:


http://middleware.internet2.edu/idtrust/2008/slides/11-fletcher-openid.pdf

Hope this helps,

=Drummond

> -----Original Message-----
> From: general-bounces at openid.net [mailto:general-bounces at openid.net] On
> Behalf Of Stephen Edgar
> Sent: Thursday, April 17, 2008 2:38 AM
> To: openid-general List
> Subject: [OpenID] OpenID Description?
>
> Hi OpenID List!
>
> This is my first post to the list and I am not bad myself on understanding
> OpenID and some implementations on the tech front though I received via
> another mail list the following and was hoping someone could point me to
> some articles/links to address the following:-
>
> <snip>
> Can anyone point to an accessible description of OpenID?
>
> Like a lot of open source, the sites and the documentation are very
> much by-geeks/for-geeks.
>
> I suspect that it's just a latter-day MS Passport, but with:
> -   open specs
> -   more adopters (among corporations, if not among people)
> -   the scope for stronger linkage between the id and the entity
> -   the intention that each person have only one id
>
> But I'd welcome any leads to a description or analysis somewhere
> between the sales blarney at:  http://www.openid.org/
> and the highly segmented and detailed (and of course necessary)
> tech-speak at:  http://openid.net/developers/specs/
>
> Thanks!
>
> Roger Clarke                  http://www.anu.edu.au/people/Roger.Clarke/
> Visiting Professor in Info Science & Eng  Australian National University
> Visiting Professor in the eCommerce Program      University of Hong Kong
> Visiting Professor in the Cyberspace Law & Policy Centre      Uni of NSW
> </snip>
>
>
> Regards,
>
> Stephen Edgar
> Stephen at netweb.com.au
>
> _______________________________________________
> general mailing list
> general at openid.net
> http://openid.net/mailman/listinfo/general

More information about the general mailing list