[OpenID] Private Federation solution using OpenID
John Bradley
ve7jtb at ve7jtb.com
Tue May 8 14:48:20 UTC 2012
If the SaaS provider is the RP and your company is the OP there is nothing that requires you to release any attributes to the SaaS provider via openID.
I don't think there is anything to stop you from doing that.
John B.
On 2012-05-08, at 10:18 AM, Matheus Eduardo Bonifacio Morais wrote:
>
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> Hi there,
>
> I work for a company which is looking for a federation solution to
> SaaS applications used internally by the employees. For our use case
> is mandatory that the user data could keep in private and the SaaS
> provider must not have access to it. I was thinking to use OpenID
> because is well written and the most important part, it is an
> open-standard. For what I understood by reading the protocol
> specification, this is not a goal of OpenID.
>
> I would like to know if is possible to implement that kind of solution
> and If I'm not hurting the main project goals as long as I will not
> allow everyone to sign-in using an OpenID compatible account.
>
> Thanks.
>
> - --
>
> Matheus Morais
> Infraestrutura de TI
> Confederação SICREDI ? Porto Alegre
> 51 3358-4700 ramal 7190
>
> www.sicredi.com.br
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.4.10 (GNU/Linux)
> Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/
>
> iQEcBAEBAgAGBQJPqStQAAoJEJaxmh5NVUojoIcH/j7TLBPjfPZ1FXneJVU6UZ/Q
> bq06dx/uMlLt6702jvV+QhnkZvRdJDHPxkNjGYoUZCEu9lxLkddCMp/o6WiFvR7A
> oQZ8TDxlHmPzXf3Su3fb8kPnIvY6YmzP3ldjGl3XKXDXUs4bFnrrCNP3zE40Seut
> rzHtUoltWB7Q/Hv9a5Q8/dHhkSbPZVQVdDsd6JJpc8o0zMOEtoi2ncjIcbhNZyah
> 8Vy0gbeW6+futbAIJTFcfQtxr8hxRwcK7EqcyOv6f01IsD50UI+8KKbqEUMgBp90
> xhf4yOYGCc/F6cnJWCJBF4QuZpIblRGUiCJ+7o29nGkTax09+Qo3CdMewZ4tbRo=
> =attP
> -----END PGP SIGNATURE-----
> Esta mensagem é somente para uso do destinatário informado e pode conter informações privilegiadas, proprietárias, ou privadas. Se você recebeu esta mensagem por engano, por favor notifique o remetente imediatamente e apague a original. Qualquer uso deste email é proibido.
> This message is for the designated recipient only and may contain privileged, proprietary, or otherwise private information. If you have received it in error, please notify the sender immediately and delete the original. Any other use of the email by you is prohibited.
>
> _______________________________________________
> general mailing list
> general at lists.openid.net
> http://lists.openid.net/mailman/listinfo/openid-general
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 4937 bytes
Desc: not available
URL: <http://lists.openid.net/pipermail/openid-general/attachments/20120508/b60d58c1/attachment.p7s>
More information about the general
mailing list