[OpenID] Promoting delegation...
John Bradley
ve7jtb at ve7jtb.com
Sat Jun 19 00:52:22 UTC 2010
The original Connect proposal uses a simple form of discovery (Not full webfinger/LRDD) for email type identifiers where only the domain portion is used.
That in principal forces delegation if supported to be domain based rather than user based.
As an example if I wanted to delegate my Yahoo email ID to another provider I couldn't do that.
While the protocol supports delegating out now in reality no major OP support individual XRDS to allow it.
The concern I have is that the Connect proposal needs to support some user centric discovery mechanism so that delegation in to a IdP from a personal domain can be made to work.
I understand that only discovering the host portion is more efficient.
It will be a interesting conversation in the WG once we get going.
The important question is do we want personal discovery documents that can contain multiple relationships and perhaps authentication protocols eg openID 2.0?
Regards
John B.
On 2010-06-18, at 8:20 PM, Allen Tom wrote:
> As far as I know, delegation should continue to work in the Connect proposal. Delegation was pretty straightforward in OpenID 1.1, but became overly complex, if not broken, in OpenID 2.0.
>
> Allen
>
> On 6/18/10 12:01 PM, "James Walker" <walkah at walkah.net> wrote:
>
> I've often promoted delegation as one of the strongest things OpenID
> has done for *user centric* identity. It'd be a real shame to lose
> that power in vNext / Connect.
>
> Glad to see you and Gina bringing (even) more awareness (than you already have)!
>
> .j
>
> On Fri, Jun 18, 2010 at 2:51 PM, Chris Messina <chris.messina at gmail.com> wrote:
> > Turns out people aren't apparently familiar with the delegation feature of
> > OpenID, given the response to my comments on This Week in Google and Gina
> > Tripani's followup post:
> > http://smarterware.org/6286/how-to-set-up-openid-on-your-own-domain/
> > Turns out people seem to like this feature after all!
> > Chris
> >
> > --
> > Chris Messina
> > Open Web Advocate, Google
> >
> > Personal: http://factoryjoe.com
> > Follow me on Buzz: http://buzz.google.com/chrismessina
> > ...or Twitter: http://twitter.com/chrismessina
> >
> > This email is: [ ] shareable [X] ask first [ ] private
> >
> > _______________________________________________
> > general mailing list
> > general at lists.openid.net
> > http://lists.openid.net/mailman/listinfo/openid-general
> >
> >
>
>
>
> --
> James Walker :: http://walkah.net/ :: http://james.status.net/
> _______________________________________________
> general mailing list
> general at lists.openid.net
> http://lists.openid.net/mailman/listinfo/openid-general
>
> _______________________________________________
> general mailing list
> general at lists.openid.net
> http://lists.openid.net/mailman/listinfo/openid-general
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-general/attachments/20100618/1ab84639/attachment.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 4767 bytes
Desc: not available
URL: <http://lists.openid.net/pipermail/openid-general/attachments/20100618/1ab84639/attachment.bin>
More information about the general
mailing list