[OpenID] Too many providers... and here's one reason

[Andrew Arnott]

I just spoke with an organization that wants to become a Provider so that
other RP web sites can specifically tell if the logging in user is a member
of this organization by whether their OpenID Identifier was asserted by that
org's OP.
Ideally, I'd like this org to choose to be an RP instead of an OP because
there are already too many OPs out there and not enough RPs, IMO.

How can an RP accept an OpenID Identifier from arbitrary OPs, but at each
login determine whether the Identifier represents a user who belongs to a
particular Organization?  Basically the Organization needs to send an
assertion about the Identifier's membership, but only be willing to do so if
that identifier is confirmed as having logged in successfully to that RP.
 This would be easy to do if that Org was an OP, but I'm trying to reduce
the # of reasons to be an OP.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-general/attachments/20080915/a983d206/attachment-0002.htm>