[OpenID] Combining Google & Yahoo user experience research
Brandon Ramirez
brandon.s.ramirez at gmail.com
Sun Oct 19 16:45:51 UTC 2008
So it's great security if you need very little security?
Transactions of value are precisely where we need federated identity. I
have different logins for my bank, credit card company, car insurance, every
everything under the sun. Except I can share identity between my blog and a
site like Flicker.
- Brandon
On Sun, Oct 19, 2008 at 12:36 PM, Shane B Weeden <sweeden at au1.ibm.com>wrote:
>
> Brandon:
> > [...] Why should I trust a random OP?
> >
>
> You shouldn't, and nobody is claiming you should for any transaction of
> value. What does excite me about OpenID (and InfoCard for that matter) over
> other SSO protocols like SAML is the zero cost of onboarding additional RP's
> if I am acting as an IDP. All the RP needs to do (besides following a
> best-practices secure deployment model) is define that they trust the IDP
> (e.g. for OpenID define a trusted list of OP endpoints) and the IDP need do
> nothing in particular.
>
> Sure, there are dynamic extensions to SAML like those defined by Shibboleth
> for dynamic metadata sharing, but out-of-the-box nothing I've been exposed
> to thus far quite matches the simplicity of the OpenID model.
>
> =shane
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-general/attachments/20081019/5012335a/attachment-0002.htm>
More information about the general
mailing list