[OpenID] openid query

Nat Sakimura sakimura at gmail.com
Sat Mar 1 05:56:30 UTC 2008


Hi. I did not mean that EV certs is an solution. I just said that it can be
a metric when a user or OP or RP measures the turstability of the other
party, because the party with EV certs has gone through more rigorous and
costly procedure to get them.
If I were to apply in the OpenID Reputation Service like context, some
reputation service provider may give +5 points or so for the party with EV
certs. That's all. (Having said that, how parties are scored is explicitly
out of scope for ORMS and the OpenID Reputation Service/Trusted data Exchage
WG that I am going to propose in coming weeks.)

Regards,

=nat

2008/2/29, Eddy Nigg (StartCom Ltd.) <eddy_nigg at startcom.org>:
>
>  Nat Sakimura wrote:
>
> But what does it take to get a cert? Very little.
>
> That is why it does not solve the trust problem.
>
> (EV Certs are another initiative to solve this trust problem, though. )
>
>
>  Which in the case of OpenID isn't what we are after....Validated
> certificates (of which EV is just one form) can be used for authentication
> and for assuring to the provider about WHO the owner of a digital identity
> (OpenID URI) is. The provider could reflect that fact to relying parties,
> should the user wish to do so. It doesn't solve the trust problem between
> the RP and the provider.
>
> Nat
>
> 2008/2/29, Vipin Rathor <v.rathor at gmail.com> <v.rathor at gmail.com>:
>
>
>  hi,
>
>
>
>  >This only solves the problem of eavesdropping, not trust.
>
> I'm disagree with this. As per my understanding, the digital
>  certificate provides integrity, authentication and non-repudiation.
>  (http://en.wikipedia.org/wiki/Public_key_certificate). And with the
>  help of trusted third-party (CA), it provides trust relationships.
>
>  Is there something with OpenID requirements, that I'm not getting?
>  Please help me out...
>
>
>  -- Rathor
>
> _______________________________________________
>  general mailing list
>  general at openid.net
>  http://openid.net/mailman/listinfo/general
>
>
> --
>   Regards      Signer:  Eddy Nigg, StartCom Ltd. <http://www.startcom.org>
> Jabber:  startcom at startcom.org  Blog:  Join the Revolution!<http://blog.startcom.org>
> Phone:  +1.213.341.0390
>



-- 
Nat Sakimura (=nat)
http://www.sakimura.org/en/
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://openid.net/pipermail/general/attachments/20080301/bc10185d/attachment-0001.htm 


More information about the general mailing list