[OpenID] Promoting delegation...
Nat Sakimura
sakimura at gmail.com
Sat Jun 19 01:06:07 UTC 2010
If it were just the issue of the IP Address, then would not the
signing the discovery document serve our purpose?
=nat
On Sat, Jun 19, 2010 at 10:01 AM, Peter Watkins <peterw at tux.org> wrote:
> On Fri, Jun 18, 2010 at 11:51:16AM -0700, Chris Messina wrote:
>> Turns out people aren't apparently familiar with the delegation feature of
>> OpenID, given the response to my comments on This Week in Google and Gina
>> Tripani's followup post:
>>
>> http://smarterware.org/6286/how-to-set-up-openid-on-your-own-domain/
>>
>> Turns out people seem to like this feature after all!
>
> That's not at all what I'd consider "delegation". I opened your message
> expecting to see some proposal for one identifier to delegate some kind
> of authority to another identifier (e.g. a physician delegating to his
> non-MD office manager authority to deal with billing systems).
>
> (It would be nice if OpenID could solve that sort of delegation problem,
> if the delegation tokens could be handled at the OP instead of multiple
> disparate RP sites developing their own delegation models...)
>
> I think this old feature of using discovery to associate URLs with
> arbitrary 3rd-party OPs is probably going to become *less valuable* over
> time, if only because OpenID is drifting toward 100% https operation, and
> most small, personal domains will have a hard time coughing up the extra money
> for the dedicated IPv4 address that's needed to run an https site (I assume
> the IETF TLS working groups still hasn't made much headway in making
> TLS v.Next support hostname negotiation, to say nothing of getting the
> capability deployed to a significant majority of client devices). It would
> subvert the whole https model if the very first step in discovery involves
> requesting a document with an http: address like http://ginatrapani.org/ .
>
> -Peter
>
> _______________________________________________
> general mailing list
> general at lists.openid.net
> http://lists.openid.net/mailman/listinfo/openid-general
>
--
Nat Sakimura (=nat)
http://www.sakimura.org/en/
http://twitter.com/_nat_en
More information about the general
mailing list