[OpenID] Too many providers... and here's one reason
SitG Admin
sysadmin at shadowsinthegarden.com
Tue Sep 16 15:23:23 UTC 2008
>Basically, I'd use my preferred OP and request the organization to
>provide a signed attribute of my membership in org XYZ.
Interesting thought - signed by the organization? Perhaps an
assertion of membership AND "here's what your organization gave us to
remind them that you are a member", so the organization can recognize
revoked membership signatures?
>Of course, there will have to be a "trust relationship" between org XYZ
>and my preferred OP, but I don't see that trust as any deeper than the
>"trust relationship" between and RP and an OP.
If there were only a single OP in the world, it would even be the
*same* trust relationship, and with one OP handling authentication
for several organizations; just as one OP can handle authentication
for more than a single organization now.
But perhaps starting out as the OP for a small organization, at
first, can be an opportunity for new developers to both assure
themselves of OpenID's security and find gainful employment in
connection to business startups?
-Shade
More information about the general
mailing list