[OpenID] Convert claimed_id to pseudonym at RP, not OP
Peter Williams
pwilliams at rapattoni.com
Sat Sep 12 05:12:18 UTC 2009
One option to retain portability, especially since idp initiation is
permitted, is to do idp chaining. To retain portability, users can
assert to a non .gov rp, that links several of the user's ppids to one
account, and which turns around and asserts a new ppid to the .gov as
a whitelisted/audited idp.
The commercial op cannot object, as the profile considers end user
info to be self asserted (not idp asserted). The .gov whitelisting
rules might be set to deny this (even tho it does not prejudice the
privacy policy of . Gov). It will be quite telling if they do....
One cannot really judge the profile in the absence of the audit
criteria.
On Sep 9, 2009, at 10:48 PM, "Manger, James H" <James.H.Manger at team.telstra.com
> wrote:
>
More information about the general
mailing list