[OpenID] Widgets and other aggregation
Peter Williams
pwilliams at rapattoni.com
Tue Jan 27 20:11:23 UTC 2009
So now you getting somewhere with multiauth. It was amorphous before.
To mitigate the risk of OP misconduct in the form of inappropriate impersonation of a subscriber, relying parties may require multiple confirmations of user involvement from different authorities.
From: general-bounces at openid.net [mailto:general-bounces at openid.net] On Behalf Of David Fuelling
Sent: Tuesday, January 27, 2009 12:08 PM
To: SitG Admin
Cc: general at openid.net
Subject: Re: [OpenID] Widgets and other aggregation
I'm biased here, but I think the combination of OP MultiAuth[1] and OP Delegation[2] could mitigate some of the risks inherent with this idea.
First, a user could use OP Delegation to require MulitAuth for his/her Bank RP, but not for his/her Facebook activity stream (because the user wants a single OP to grab his facebook data and display it using the OP's skin). Any other RP's (like the Bank RP) would require MultiAuth, preventing the OP from getting bank info without the user's consent.
Another thought here is how OAuth could be used to accomplish what you're thinking.....
david
[1] http://wiki.openid.net/f/openid-provider-multiauth-extension-1_0-2.html
[2] http://wiki.openid.net/f/openid-provider-delegation-extension-1_0-1.html
On Tue, Jan 27, 2009 at 1:51 AM, SitG Admin <sysadmin at shadowsinthegarden.com<mailto:sysadmin at shadowsinthegarden.com>> wrote:
I've been thinking about the ability of OP's to log in as any user they (have the power to) represent, whether acting on behalf of that user or not. Some (especially where the OP is already a walled garden, and wants to keep the user's UX consistent with their own skin) will want to act like an RSS client and check in with RP's, repackage the information, then present it to the user in the desired format. It would be like a widget, presenting cherry-picked information combined from all your favorite OpenID-enabled sites.
This is even conceivably desirable as a privacy benefit, since other RP aren't authorized to know what skins the user prefers at their OP (and secondarily it then becomes a *security* benefit, inasmuch as the use of any *other* skins would break UX consistency and alert the user to an attacker's attempt to spoof the OP).
But this complicates accountability; suddenly, without the user's knowledge or consent, a "feature" at their OP is providing potentially confidential data to a site (their OP) that has not signed any legally binding contracts with the user *or* the RP; a site with unknown security standards, that may be trivially hacked into; a site with unknown privacy policies, that may share with undisclosed 3rd parties the data it accesses; a site with unknown data retention policies, but even if it promises to keep the data "just long enough to display for the user" I (for one) would STILL have objections, mostly for the other reasons stated).
-Shade
_______________________________________________
general mailing list
general at openid.net<mailto:general at openid.net>
http://openid.net/mailman/listinfo/general
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-general/attachments/20090127/d11e7fcc/attachment-0002.htm>
More information about the general
mailing list