[OpenID] openid query
Eddy Nigg (StartCom Ltd.)
eddy_nigg at startcom.org
Thu Feb 28 13:44:42 UTC 2008
Vipin Rathor wrote:
> Hi,
> Thanks for your replies.
>
> Since trust and security between relying party (RP) and OpenID
> provider (OP) is a concern and there is no pre-existing trust
> relationship between them, then why not use the digital certificate
> (PKI) based approach?
> Let's say both RP and OP have an X.509 certificate and whenever they
> contact each other, they check each other's certificate and do the chain
> validation. Only when both are satisfied, they communicate with each
> other.
This only solves the problem of eavesdropping, not trust. In order to
provide a trust vehicle, a federated OpenID network or something like
this must be created where participants adhere to certain standards and
requirements (verifiable).
--
Regards
Signer: Eddy Nigg, StartCom Ltd. <http://www.startcom.org>
Jabber: startcom at startcom.org <xmpp:startcom at startcom.org>
Blog: Join the Revolution! <http://blog.startcom.org>
Phone: +1.213.341.0390