[OpenID] Promoting delegation...
John Panzer
jpanzer at google.com
Sat Jun 19 02:53:03 UTC 2010
Yes.
On Friday, June 18, 2010, Nat Sakimura <sakimura at gmail.com> wrote:
> If it were just the issue of the IP Address, then would not the
> signing the discovery document serve our purpose?
>
> =nat
>
> On Sat, Jun 19, 2010 at 10:01 AM, Peter Watkins <peterw at tux.org> wrote:
>> On Fri, Jun 18, 2010 at 11:51:16AM -0700, Chris Messina wrote:
>>> Turns out people aren't apparently familiar with the delegation feature of
>>> OpenID, given the response to my comments on This Week in Google and Gina
>>> Tripani's followup post:
>>>
>>> http://smarterware.org/6286/how-to-set-up-openid-on-your-own-domain/
>>>
>>> Turns out people seem to like this feature after all!
>>
>> That's not at all what I'd consider "delegation". I opened your message
>> expecting to see some proposal for one identifier to delegate some kind
>> of authority to another identifier (e.g. a physician delegating to his
>> non-MD office manager authority to deal with billing systems).
>>
>> (It would be nice if OpenID could solve that sort of delegation problem,
>> if the delegation tokens could be handled at the OP instead of multiple
>> disparate RP sites developing their own delegation models...)
>>
>> I think this old feature of using discovery to associate URLs with
>> arbitrary 3rd-party OPs is probably going to become *less valuable* over
>> time, if only because OpenID is drifting toward 100% https operation, and
>> most small, personal domains will have a hard time coughing up the extra money
>> for the dedicated IPv4 address that's needed to run an https site (I assume
>> the IETF TLS working groups still hasn't made much headway in making
>> TLS v.Next support hostname negotiation, to say nothing of getting the
>> capability deployed to a significant majority of client devices). It would
>> subvert the whole https model if the very first step in discovery involves
>> requesting a document with an http: address like http://ginatrapani.org/ .
>>
>> -Peter
>>
>> _______________________________________________
>> general mailing list
>> general at lists.openid.net
>> http://lists.openid.net/mailman/listinfo/openid-general
>>
>
>
>
> --
> Nat Sakimura (=nat)
> http://www.sakimura.org/en/
> http://twitter.com/_nat_en
> _______________________________________________
> general mailing list
> general at lists.openid.net
> http://lists.openid.net/mailman/listinfo/openid-general
>
--
--
John Panzer / Google
jpanzer at google.com / abstractioneer.org / @jpanzer
More information about the general
mailing list