[OpenID] Verisign Announces Free OpenID Digital Lockbox
SitG Admin
sysadmin at shadowsinthegarden.com
Sat Feb 21 23:34:42 UTC 2009
>We need a way to do hybrid when the OP and the SP are not the same
>party, and ideally we need it sooner rather than later.
I've just done a lot of reading about OAuth, and I have a better
understanding now of what it is, but I still don't understand what
you mean by "do hybrid". I see that "SP" means "site that has my
data" (not necessarily the site that's authenticating me to the RP),
but I'm hesitant to assume a particular meaning of "hybrid". Can you
elaborate here?
>The OpenID/OAuth hybrid is a nice UX fix in the short term, but it
>is not good if I'm forced to use a single provider for everything
>from authentication to address books to calendars to whatever else
>we make work with OAuth in future.
Also, how is the hybrid setup forcing users to have a single
provider? (And are we speaking of OpenID Providers, Service
Providers, or the hybrid Providers?)
-Shade
More information about the general
mailing list