[OpenID] Yahoo hijacking?
SitG Admin
sysadmin at shadowsinthegarden.com
Sat Apr 19 19:36:10 UTC 2008
>If potential adopting sites come to believe that there's a
>non-negligible chance that sending someone off to signin with OpenID
>is the last time they'll see them, and in this case that on the
>margin, the IDP is potentially competing with the RP for the users
>attention, we're in trouble.
I need clarification on one point here - what role are these
"potential adopting sites" playing? Are they sending the user off to
a 3rd-party IDP to sign in to the adopting site, or are they letting
the user sign in to a 3rd-party RP by providing the OpenID
credentials? I need to nail down some concretes before I can
generalize; I need to have something solid to generalize *from*. Does
this sort of scenario revolve around becoming an IDP or becoming a RP?
-Shade
More information about the general
mailing list