[OpenID] Opt out of Yahoo OpenID?
Peter Williams
pwilliams at rapattoni.com
Sat Jan 19 05:02:26 UTC 2008
http://lists.danga.com/pipermail/yadis/2006-February/002138.html does indeed provide context. It says the then skip does idp-initiated sso with persistent nameid name format conversion, per sp. It also implies that openid2 can do more typical sp-initiated websso with -implied- nameformat=persistent request, causing the op to mask ppi in the openid.
Yahoo are apparently doing the latter - where the masking is for a common sp affiliation set rather than the initiating sp, where set is all RPs, as it happens.
As directed identity is not a standardized term, and yahoo are using std protocol elements to invoke the user selecton of openid for a given rp, they are entitled to use the term directed identity, I find.
-----Original Message-----
From: Dick Hardt <dick at sxip.com>
Sent: Friday, January 18, 2008 6:31 PM
To: sknvn-openid at yahoo.com <sknvn-openid at yahoo.com>
Cc: openid-general <general at openid.net>
Subject: Re: [OpenID] Opt out of Yahoo OpenID?
On 18-Jan-08, at 4:28 PM, sknvn-openid at yahoo.com wrote:
> Hi Simon,
>
> No. The auto generated URL will remain the same (for all RPs) for
> a user.
> We are using the "directed identity" feature to make it easier for
> a user to sign in. The user only has to type in "yahoo.com" or
> click on a button that RP adds to his/her site and we'll send the
> right url identifier back after authentication.
If it is the same URL for all users, then it is not directed
identity. What you have done is generated a "random" URL for them to
use so that the Yahoo OpenID is not linked to their Yahoo account
(unlike the AOL OpenIDs).
Directed identity is what Sxipper does where a different URL is
provided for each RP. Cardspace follows a similar pattern with the
self managed cards.
This does not need to be added to the specification as it was
anticipated and the management is out of band of the protocol.
-- Dick
More information about the general
mailing list