[OpenID] Windows Live ID OpenID CTP Status Update (August 2009)
SitG Admin
sysadmin at shadowsinthegarden.com
Fri Aug 28 20:57:16 UTC 2009
>Unlike the https launch (which had years of careful 3-party legal
>design behind it), openid has no (multi party) legal design or even a
>framework for resolving conflicts of reliance limits, reliance
>policies, reliance obligations, ...
>
>Though this could be solved by requiring 1 ca throughout the entire
>sequence flow, that unfortunately conflicts with the decentralized goal.
In a previous post, I suggested that OP's, in future, may automate
the legalities on behalf of their users; certainly, this is an
opportunity for OP's favoring decentralization to push that factor,
through favoring some legal designs over others . . . it's an
interesting world to imagine, where success is determined by
RP's/CA's willingness to embrace one political model over another,
and popularity by how well those OP's educate users about the
freedoms they give up going with decentralization-unfriendly OP's
that offer wider compatibility!
-Shade
More information about the general
mailing list