No subject
Tue Jun 3 21:59:26 UTC 2008
been quite closely intertwined - even since version 1.0 with basic
attributes.
Please educate me if otherwise, but .
Is it just common practice that they exist in this way? Most OP's I go to
ask you to log in and then ask what information you wish to share. I don't
find this a particularly good way of doing things as it unites the
authentication and profile characteristics quite tightly. Is one alternative
that you authenticate against and OP, but get the actual attributes against
another provider (which may not directly support OpenID
registration/authentication etc but is quite happy to exchange attributes
associated with a pre-authenticated OpenID using OpenID AX).
So in other words, Site A asks me for some data. I provide a URL to site B
which contains my data . however, site B authenticates the user against site
C (asking for nothing other than authentication) and, given this
authenticated user, Site B then is happy to use AX to send back the data it
contains.
I suspect this has been discussed and perhaps OAuth already discusses this
(please let me know if this is so).
Thanks,
steven
------=_NextPart_000_0015_01C8C5CE.0EF85630
Content-Type: text/html; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
<html xmlns:v=3D"urn:schemas-microsoft-com:vml" =
xmlns:o=3D"urn:schemas-microsoft-com:office:office" =
xmlns:w=3D"urn:schemas-microsoft-com:office:word" =
xmlns:m=3D"http://schemas.microsoft.com/office/2004/12/omml" =
xmlns=3D"http://www.w3.org/TR/REC-html40">
<head>
<meta http-equiv=3DContent-Type content=3D"text/html; =
charset=3Dus-ascii">
<meta name=3DGenerator content=3D"Microsoft Word 12 (filtered medium)">
<style>
<!--
/* Font Definitions */
@font-face
{font-family:Calibri;
panose-1:2 15 5 2 2 2 4 3 2 4;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
{margin:0cm;
margin-bottom:.0001pt;
font-size:11.0pt;
font-family:"Calibri","sans-serif";}
a:link, span.MsoHyperlink
{mso-style-priority:99;
color:blue;
text-decoration:underline;}
a:visited, span.MsoHyperlinkFollowed
{mso-style-priority:99;
color:purple;
text-decoration:underline;}
span.EmailStyle17
{mso-style-type:personal-compose;
font-family:"Calibri","sans-serif";
color:windowtext;}
.MsoChpDefault
{mso-style-type:export-only;}
@page Section1
{size:612.0pt 792.0pt;
margin:72.0pt 72.0pt 72.0pt 72.0pt;}
div.Section1
{page:Section1;}
-->
</style>
<!--[if gte mso 9]><xml>
<o:shapedefaults v:ext=3D"edit" spidmax=3D"1026" />
</xml><![endif]--><!--[if gte mso 9]><xml>
<o:shapelayout v:ext=3D"edit">
<o:idmap v:ext=3D"edit" data=3D"1" />
</o:shapelayout></xml><![endif]-->
</head>
<body lang=3DEN-US link=3Dblue vlink=3Dpurple>
<div class=3DSection1>
<p class=3DMsoNormal>From what I have seen the OpenID authentication and
attribute exchange have been quite closely intertwined – even =
since
version 1.0 with basic attributes.<o:p></o:p></p>
<p class=3DMsoNormal><o:p> </o:p></p>
<p class=3DMsoNormal>Please educate me if otherwise, but =
…<o:p></o:p></p>
<p class=3DMsoNormal><o:p> </o:p></p>
<p class=3DMsoNormal>Is it just common practice that they exist in this =
way? Most
OP’s I go to ask you to log in and then ask what information you =
wish to
share. I don’t find this a particularly good way of doing things =
as it
unites the authentication and profile characteristics quite tightly. Is =
one
alternative that you authenticate against and OP, but get the actual =
attributes
against another provider (which may not directly support OpenID
registration/authentication etc but is quite happy to exchange =
attributes
associated with a pre-authenticated OpenID using OpenID =
AX).<o:p></o:p></p>
<p class=3DMsoNormal><o:p> </o:p></p>
<p class=3DMsoNormal>So in other words, Site A asks me for some data. I =
provide a
URL to site B which contains my data … however, site B =
authenticates the
user against site C (asking for nothing other than authentication) and, =
given
this authenticated user, Site B then is happy to use AX to send back the =
data
it contains.<o:p></o:p></p>
<p class=3DMsoNormal><o:p> </o:p></p>
<p class=3DMsoNormal>I suspect this has been discussed and perhaps OAuth =
already
discusses this (please let me know if this is so).<o:p></o:p></p>
<p class=3DMsoNormal><o:p> </o:p></p>
<p class=3DMsoNormal>Thanks,<o:p></o:p></p>
<p class=3DMsoNormal>steven<o:p></o:p></p>
</div>
</body>
</html>
------=_NextPart_000_0015_01C8C5CE.0EF85630--
More information about the general
mailing list