[OpenID] Verisign Seatbelt HoK

Axel.Nennker at telekom.de Axel.Nennker at telekom.de
Thu Apr 28 20:41:22 UTC 2011 

I think the browser side of HoK is not problematic compared to the RP
side. How are we going to convince the RP to change their systems to
accept the key?
Well maybe the browser side isn't that simple. The current certificate
related UIs are a pain. 

Regarding your NASCAR comment: The openid input field does not have to
be visible to be discoverable by the addon. This way the RP can have its
layout and the addon will not interfere with it.
This problem is that the RP site must work with our without the addon
beeing there (at least for some time). Which was one of Information
Cards problems. Self-Issued Information Cards without claims implement
HoK but then the card metaphore is not the best one in this case.
 


________________________________

	From: John Bradley [mailto:ve7jtb at ve7jtb.com] 
	Sent: Thursday, April 28, 2011 10:03 PM
	To: Nennker, Axel
	Cc: openid-general at lists.openid.net; thunder at mozilla.com;
mhanson at mozilla.com
	Subject: Re: [OpenID] Verisign Seatbelt
	
	
	There was a way for other openID providers to get added to
Seatbealt.   On the other hand I don't know that it worked better than
the FF extension you just did.    It also relied on RP tagging the input
box as I recall.  With NASCAR type interfaces that is becoming less and
less common. 

	From a security point of view I would like to be able to gat at
a way to do holder of Key in the browser.  

	John B.
	
	On 2011-04-28, at 3:30 PM, <Axel.Nennker at telekom.de>
<Axel.Nennker at telekom.de> wrote:


		
		Hi,
		 
		I just stumbled over Verisign's Seatbelt browser
extension again. Here is the HTML link to the config from the source
code of https://pip.verisignlabs.com/.
		
		  <link rel="seatbelt.config" type="application/xml"
href="https://pip.verisignlabs.com/web/brand/default/seatbelt/seatbeltcf
g.xml" />
		
		
		
		I guess that Seatbelt is not very widely deployed
today...
		In the light of "Identity in the Browser": What would we
do differently today?
		http://www.w3.org/2011/identity-ws/
		 
		Seatbelt has similarities to Mozilla's AccountManager
which is now dead (it seems).
		Seatbelt favored Verisign's OpenID provider which I
think was one reason others did not accept it.
		 
		Does it make sense to generalize Seatbelt and
standardize it into browsers?
		 
		regards
		Axel
		 
		
		<?xml version="1.0" encoding="utf-8"?>
		<opConfig version="1.0" 
			   serverIdentifier="pip.verisignlabs.com">
		  <configRevision>1.1.02</configRevision>
		  <title>Symantec Personal Identity Provider</title>
		  <description>Manage your online identity without
compromising your privacy.</description>
	
<loginUrl>https://pip.verisignlabs.com/login.do</loginUrl>
	
<welcomeUrl>https://pip.verisignlabs.com/home_page.do</welcomeUrl>
		
	
<loginStateUrl>https://pip.verisignlabs.com/RPInterface</loginStateUrl>
		  <opDomain>pip.verisignlabs.com</opDomain>
	
<opCertSHA1Hash>99:FB:5C:4D:71:62:5F:1F:A8:D8:37:91:C2:AC:AE:53:86:DC:8B
:12</opCertSHA1Hash>
	
<opCertCommonName>pip.verisignlabs.com</opCertCommonName>
	
<settingsIconUrl>https://pip.verisignlabs.com/web/brand/default/seatbelt
/check30x30.png</settingsIconUrl>
	
<toolbarGrayIconUrl>https://pip.verisignlabs.com/web/brand/default/seatb
elt/pip_logo_gray_16x16.jpg</toolbarGrayIconUrl>
		
	
<toolbarHighIconUrl>https://pip.verisignlabs.com/web/brand/default/seatb
elt/pip_logo_16x16.jpg</toolbarHighIconUrl>
		  <toolbarGrayBackground>#D6D6D6</toolbarGrayBackground>
		  <toolbarHighBackground>#FECF71</toolbarHighBackground>
	
<toolbarLoginBackground>#74D174</toolbarLoginBackground>
		  <toolbarGrayBorder>#7C7C7C</toolbarGrayBorder>
		  <toolbarHighBorder>#730027</toolbarHighBorder>
		
		  <toolbarLoginBorder>#2B802B</toolbarLoginBorder>
		  <toolbarGrayText>#666666</toolbarGrayText>
		  <toolbarHighText>#730027</toolbarHighText>
		  <toolbarLoginText>#FFFFFF</toolbarLoginText>
		</opConfig>
		
		_______________________________________________
		general mailing list
		general at lists.openid.net
		http://lists.openid.net/mailman/listinfo/openid-general
		


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-general/attachments/20110428/fd1f2c4e/attachment.html>

More information about the general mailing list