[OpenID] Widgets and other aggregation
David Fuelling
sappenin at gmail.com
Tue Jan 27 21:21:55 UTC 2009
On Tue, Jan 27, 2009 at 8:11 PM, Peter Williams <pwilliams at rapattoni.com>wrote:
> So now you getting somewhere with multiauth. It was amorphous before.
>
>
>
> To mitigate the risk of OP misconduct in the form of inappropriate
> impersonation of a subscriber, relying parties may require multiple
> confirmations of user involvement from different authorities.
>
Yes, though MultiAuth really only discusses how an end-user could require
MultiAuth. If an RP wants to require MultiAuth, then it simply can -- I
don't think there's needs to be any new behavior defined by a spec in that
case.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-general/attachments/20090127/5bd1d72c/attachment-0002.htm>
More information about the general
mailing list