[OpenID] Requiring Pseudonymous Identifier
Andrew Arnott
andrewarnott at gmail.com
Wed May 13 16:19:24 UTC 2009
Any collusion between an RP and OP that is specific to that pair I don't
care about, since as you say it doesn't affect other parties.
However, it does sound like a strange design decision. I don't know why an
RP can't handle anonymous users without the help of an OP giving those users
a label.
--
Andrew Arnott
"I [may] not agree with what you have to say, but I'll defend to the death
your right to say it." - Voltaire
On Wed, May 13, 2009 at 9:17 AM, SitG Admin <sysadmin at shadowsinthegarden.com
> wrote:
> Then, am I out of spec for offering a dedicated OP where the *users* do
>>> NOT control the identifier; they merely use '
>>> shadowsinthegarden.com/everyone' to log in with the ACL permitted to
>>> everyone?
>>>
>>>
>> You are not out of spec, but that violates assumptions that are made by
>> many relying parties.
>>
>
> I probably should have made that more clear: by "dedicated", I meant that
> the OP works exclusively with my RP; it does NOT provide login to other
> sites.
>
> So, assumptions made by other RP's should not be intruded upon by this OP;
> it will never send an assertion to them.
>
> -Shade
>
> _______________________________________________
> general mailing list
> general at openid.net
> http://openid.net/mailman/listinfo/general
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-general/attachments/20090513/25685c0b/attachment.htm>
More information about the general
mailing list