[OpenID] Xrd signing with username token
Peter Williams
pwilliams at rapattoni.com
Mon Jul 27 18:49:31 UTC 2009
I know you were once challenged by XRI. Its a good time (since signed XRD is a current topic) to revisit
http://middleware.internet2.edu/idtrust/2008/papers/01-reed-openid-xri-xrds.pdf
section 3.3 discusses trusted resolution - using signed XRD in a chain of XRDs to validate the authoritativeness of a provider's endpoints. It contrasts with Google's apparent approach, which seems to want to do PKIish things for similar purposes.
________________________________________
From: general-bounces at openid.net [general-bounces at openid.net] On Behalf Of SitG Admin [sysadmin at shadowsinthegarden.com]
Sent: Sunday, July 26, 2009 8:08 AM
To: Santosh Rajan
Cc: general at openid.net
Subject: Re: [OpenID] Xrd signing with username token
>difficult to understand what you are saying sometimes, because of the way
>you write.
>Does anyone else have the same problem reading Peter's writing, or is it me
I think of it as a challenge, not a problem. Peter writes at a level
of technical knowledge I haven't reached yet, so I save his old
messages and occasionally go back to see if I can understand them
more with what I've learned since. I'm not sure whether to be proud
of or disturbed by my success, though . . . being able to make sense
of something that, a few months ago, was impenetrable to me, implies
that I'm learning faster and learning more than I'm aware of.
-Shade
_______________________________________________
general mailing list
general at openid.net
http://openid.net/mailman/listinfo/general
More information about the general
mailing list