[OpenID] openid query
Eddy Nigg (StartCom Ltd.)
eddy_nigg at startcom.org
Fri Feb 29 11:48:55 UTC 2008
Nat Sakimura wrote:
> But what does it take to get a cert? Very little.
>
> That is why it does not solve the trust problem.
>
> (EV Certs are another initiative to solve this trust problem, though. )
>
Which in the case of OpenID isn't what we are after....Validated
certificates (of which EV is just one form) can be used for
authentication and for assuring to the provider about WHO the owner of a
digital identity (OpenID URI) is. The provider could reflect that fact
to relying parties, should the user wish to do so. It doesn't solve the
trust problem between the RP and the provider.
> Nat
>
> 2008/2/29, Vipin Rathor <v.rathor at gmail.com>:
>
>> hi,
>>
>>
>>
>> >This only solves the problem of eavesdropping, not trust.
>>
>> I'm disagree with this. As per my understanding, the digital
>> certificate provides integrity, authentication and non-repudiation.
>> (http://en.wikipedia.org/wiki/Public_key_certificate). And with the
>> help of trusted third-party (CA), it provides trust relationships.
>>
>> Is there something with OpenID requirements, that I'm not getting?
>> Please help me out...
>>
>>
>> -- Rathor
>>
>> _______________________________________________
>> general mailing list
>> general at openid.net
>> http://openid.net/mailman/listinfo/general
>>
>>
>
>
>
--
Regards
Signer: Eddy Nigg, StartCom Ltd. <http://www.startcom.org>
Jabber: startcom at startcom.org <xmpp:startcom at startcom.org>
Blog: Join the Revolution! <http://blog.startcom.org>
Phone: +1.213.341.0390
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-general/attachments/20080229/b6e1b926/attachment-0002.htm>
More information about the general
mailing list