[OpenID] Consumers storing data against an OpenID
Dick Hardt
dick at sxip.com
Thu May 22 17:55:27 UTC 2008
There are LOTS of implications in doing this .. I thought it was an
interesting idea to discuss. :)
I would expect the user to CONTINUE to decide if the attributes are
stored or released, regardless of what an RP asks. The OP is the
user's agent, not the RPs.
-- Dick
On 22-May-08, at 10:41 AM, Paul Madsen wrote:
> the implication of this seems to be that the user's policy over the
> release of his/her attributes to different SPs could be trumped by
> (or at least in conflict with) that of the SP who happened to have
> pushed the attribute to the OP in the first place?
>
>
> paul
>
> Dick Hardt wrote:
>> Attribute Exchange was intended for an RP to store data that would
>> be useful to other RPs.
>>
>> If there is sufficient interest in the use case that Steven has
>> brought up, AX could be extended so that data stored is tagged
>> with its origin and then provided back to the RP when the user
>> logs in again in the future. For small sites, this has the
>> advantage of being able to outsource local attributes.
>>
>> -- Dick
>>
>> On 22-May-08, at 3:14 AM, Steven Livingstone-Perez wrote:
>>
>>
>>> Thanks Jorn - yes you are right about protecting "local" attributes so that
>>> it isn't shared amongst bodies (that is a whole new discussion).
>>>
>>> I will need to look more into the attribute exchange today/tomorrow.
>>>
>>> The reason it is useful at the IP is simply for convenience for RPs who
>>> want to store attribute information against the IDs but don't want to
>>> modify their local schema. An IP durable bucket would be very useful.
>>>
>>> Regards,
>>> Steven
>>> http://weblivz.openid.org
>>>
>>> -----Original Message-----
>>> From: general-bounces at openid.net [mailto:general-bounces at openid.net] On Behalf Of Jørn Wildt
>>> Sent: 22 May 2008 09:55
>>> To: 'OpenID List'
>>> Subject: Re: [OpenID] Consumers storing data against an OpenID
>>>
>>>
>>>> this has already been considered under OpenID Attribute Exchange
>>>>
>>> But does Attribute Exchange take the origin into account? It's much like
>>> cookies - if site A stores attribute X at the IP, will site B then get the
>>> attribute?
>>>
>>> Should it? In this example it is some local school information. But what if
>>> I used the same OpenID at both CIA and Al-Qaeda? Then I probably wouldn't
>>> want my CIA spyname sent to Al-Qaeda just because CIA found it convenient
>>> to store it at the IP.
>>>
>>> It seems to me that local data should be stored at the RP only - it has
>>> nothing to do at the IP.
>>>
>>> Or have I missed something?
>>>
>>> /Jørn
>>>
>>> -----Original Message-----
>>> From: general-bounces at openid.net [mailto:general-bounces at openid.net] On Behalf Of Prabath Siriwardena
>>> Sent: 22 May 2008 10:47
>>> To: Steven Livingstone-Perez
>>> Cc: general at openid.net
>>> Subject: Re: [OpenID] Consumers storing data against an OpenID
>>>
>>> If I correctly understood your question - Yes - this has already been
>>> considered under OpenID Attribute Exchange [1].
>>>
>>> Thanks & regards.
>>> - Prabath
>>>
>>> [1]: http://openid.net/specs/openid-attribute-exchange-1_0.html#store
>>>
>>> On Thu, May 22, 2008 at 1:43 PM, Steven Livingstone-Perez
>>> <weblivz at hotmail.com> wrote:
>>>
>>>> Has it ever been considered that a consumer of an OpenID may wish to store
>>>> some attributes data against that user?
>>>>
>>>> In other words rather than storing it locally (and doing the work required
>>>> to achieve this) a trusted consumer may have "write" abilities which would
>>>> allow them to store some information important only to them against the
>>>> OpenID?
>>>>
>>>> For example you may log in and be directed to a site who may wish to store
>>>> the local username they use for you with the OpenID so they can get it as
>>>> one of the attributes next time – or (as someone recently asked me) store
>>>> the local school they are to be associated with under their domain.
>>>>
>>>> Regards,
>>>> Steven
>>>> http://weblivz.openid.org
>>>>
>>>> _______________________________________________
>>>> general mailing list
>>>> general at openid.net
>>>> http://openid.net/mailman/listinfo/general
>
> --
> Paul Madsen e:paulmadsen @ ntt-at.com
> NTT p:613-482-0432
> m:613-282-8647
> aim:PaulMdsn5
> web:connectid.blogspot.com
>
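
The origin-tagging idea raised in this thread (site A stores an attribute at the OP; should site B get it?), sketched as an added example that is not part of any message above and not code from OpenID AX or any OP implementation. The class, its method names and the example URIs are all constructed for illustration; the model assumes the OP identifies each RP by its realm and that every store or release decision is taken by the user.

```python
from collections import defaultdict

class OriginTaggedStore:
    """Constructed model of an OP-side store; not an OpenID AX API."""

    def __init__(self):
        # openid -> type_uri -> {origin_realm: value}
        self._values = defaultdict(lambda: defaultdict(dict))
        # (openid, type_uri, origin_realm) -> realms the user lets read it
        self._grants = defaultdict(set)

    def store(self, openid, realm, type_uri, value, user_consents):
        """RP `realm` asks to store a value; nothing is kept without consent."""
        if not user_consents:
            return False
        self._values[openid][type_uri][realm] = value
        # Default release policy: only the originating RP reads it back.
        self._grants[(openid, type_uri, realm)].add(realm)
        return True

    def share(self, openid, type_uri, origin, with_realm):
        """The user (never an RP) widens release of one origin's value."""
        if origin in self._values[openid][type_uri]:
            self._grants[(openid, type_uri, origin)].add(with_realm)

    def revoke(self, openid, type_uri, origin, realm):
        """The user withdraws release, even from the RP that stored it."""
        self._grants[(openid, type_uri, origin)].discard(realm)

    def fetch(self, openid, realm, type_uris):
        """Return {type_uri: {origin: value}} limited to what `realm` may see."""
        result = {}
        for type_uri in type_uris:
            visible = {
                origin: value
                for origin, value in self._values[openid][type_uri].items()
                if realm in self._grants[(openid, type_uri, origin)]
            }
            if visible:
                result[type_uri] = visible
        return result

def demo():
    op = OriginTaggedStore()
    user = "https://user.example/"            # constructed identifier
    alias = "https://schema.example/alias"    # constructed attribute type URI
    op.store(user, "https://site-a.example/", alias, "agent-x", user_consents=True)
    return op, user, alias
```

Keying release grants on the (identity, attribute, origin) triple is what keeps the storing RP's convenience from overriding the user's release policy: site B sees site A's value only after the user calls `share`.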