[OpenID] Definition of OpenID
Nat Sakimura
sakimura at gmail.com
Tue Jun 8 10:35:05 UTC 2010
Would love to have a more readable rewrite.
We should make an authoritative punch line that we can use it at many
places,
including wikipedia.
=nat
On Tue, Jun 8, 2010 at 4:40 PM, David Recordon <recordond at gmail.com> wrote:
> We wrote http://openid.net/get-an-openid/what-is-openid/ a year or two
> ago. It's far more of a product definition than a technical one, but
> supports what you wrote. Ever since we made OpenID 2.0 extensible and
> a combination of other technologies a few years ago it's been a
> framework.
>
> As you point out, OpenID has never done user authentication itself.
> Rather that's handled by cookies, passwords, tokens, certs, etc.
> OpenID does however perform authentication from the provider to the
> relying party once the user has authenticated and granted
> authorization.
>
> So yes, I agree with your definitions but would rewrite them and
> clarify the intended audience. (Unfortunately 1am isn't a good time
> for me to propose better wording.)
>
> --David
>
>
> On Tue, Jun 8, 2010 at 12:31 AM, Nat Sakimura <sakimura at gmail.com> wrote:
> > Many people say that OpenID is for Authentication and OAuth is for
> > Authorization.
> > This does not seem to be an accurate statement.
> > In fact, OpenID does not do the "authentication" in the narrow meaning
> and
> > OAuth does not do the "authorization" in the narrow meaning.
> > More accurate characterization would be something like:
> > OpenID is a Digital Identity Framework that that conveys the
> authorization
> > decision and identity attributes/data of an authenticated identity from
> the
> > identity provider (OpenID provider, OP) to a requesting party called
> relying
> > party (RP).
> > OAuth is a protocol that allows one to delegate the access authorization
> to
> > a resource to a third party. (<= need better wording.)
> > Any discussion?
> >
> > --
> > Nat Sakimura (=nat)
> > http://www.sakimura.org/en/
> > http://twitter.com/_nat_en
> >
> > _______________________________________________
> > general mailing list
> > general at lists.openid.net
> > http://lists.openid.net/mailman/listinfo/openid-general
> >
> >
>
--
Nat Sakimura (=nat)
http://www.sakimura.org/en/
http://twitter.com/_nat_en
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-general/attachments/20100608/b51b005c/attachment.html>
More information about the general
mailing list