[OpenID] DotNetOpenAuth announces support of the Government profile of OpenID
Allen Tom
atom at yahoo-inc.com
Thu Sep 10 23:02:56 UTC 2009
SitG Admin wrote:
> >
> >The profile makes no restrictions whatsoever (at least when I last
> read an earlier draft) regarding what cares the OP has taken to
> identify the user if I read it correctly.
>
> Ahh . . . *blink* I can get certified if my OP indiscriminately
> approves *everyone* who tries using it? Or did you mean what cares the
> OP takes to correlate the user's information with external sources?
>
LOA 1 means that the OP has not taken any steps to verify that any of
the user's registration data is accurate. (name, gender, postal address,
zip code, affiliations, etc)
The OP is still required to authenticate the user's identifier (usually
by verifying the userid and password), but the user data collected by
the OP could be entirely fictitious.
Allen
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-general/attachments/20090910/8f6f5e65/attachment.htm>
More information about the general
mailing list