[OpenID] CISSP on OpenID, CCA
Peter Williams
pwilliams at rapattoni.com
Fri Sep 19 13:55:17 UTC 2008
The CISSP I referenced earlier is Rafeeq Ur Rehman.
(I was discussing CCA and whether or not it was a motivating use case in the mind of the OpenID design team.)
http://www.amazon.com/gp/product/0972403124/sr=1-1/qid=1221828947/ref=olp_product_details?ie=UTF8&me=&qid=1221828947&sr=1-1&seller=
See chapter 7.
You can note his interesting caveat. For openid to work as CCA (and perform SSO), it must work in the context of a "enterprise directory".
Given the apparent background of most of the designers in the OpenID community, I'd doubt they were focused or skilled in enterprise directory doctrine (like the trust models that Microsoft Windows offers has for ADFS-based federated trusts). But, I could be wrong (and am, about 49% of the time).
His diagrams note "typical" enterprise models of using OpenID in an extranet-VPN styled trust model
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-general/attachments/20080919/b1a0d7a6/attachment-0002.htm>
More information about the general
mailing list