Seems like it's not a good idea to mix the identifier with an attribute of the identifier. If you want to say that "beth" (e.g.) is a member of a given group (like "staff"), then this should somehow be reflected in some kind of attribute for Beth's OpenId. You might want to look at the Attribute Exchange spec for this kind of thing (although I don't know if group/role data is part of that spec, but I don't see why not).
<br><br>Only a few weeks ago, when Sun announced that all of their employees would have OpenId's (and by proxy, all of these employees could identifi themselves as sun employees using these ids) there was a lot of discussion (around the web) relating to why this is a bad idea. Might be worth searching around for some of the reaction to the Sun announcement (I can't think of a direct url link at the moment).
<br><br>david<br><br><div><span class="gmail_quote">On 5/21/07, <b class="gmail_sendername">Peter (pt) Sefton</b> <<a href="mailto:pt@ptsefton.com" target="_blank" onclick="return top.js.OpenExtLink(window,event,this)">
pt@ptsefton.com</a>> wrote:</span><blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">
Hi,<br><br>I'm new here. I have tried to find an answer to my question via the archive and the rest of the web, but no luck.<br><br>Is it reasonable to use OpenId with generic IDs? For example could my employer, a university have a generic ID like
<a href="http://openid.myuni.edu.au/staff" target="_blank" onclick="return top.js.OpenExtLink(window,event,this)">http://openid.myuni.edu.au/staff</a> which would authenticate me as an anonymous staff member? We could then make a federation of universities who all trusted each other staff, maybe to provide WIFI.
<br><br>For other cases which required the site I am visiting to know who I am, I could use <a href="http://openid.myuni.edu.au/staff/my.name" target="_blank" onclick="return top.js.OpenExtLink(window,event,this)">http://openid.myuni.edu.au/staff/my.name
</a>. <br><br>Maybe I also have a role as a student:
<a href="http://openid.myuni.edu.au/student/postgrad" target="_blank" onclick="return top.js.OpenExtLink(window,event,this)">http://openid.myuni.edu.au/student/postgrad</a>.<br><br>In this case I would not have to even remember all these URLs - the host site could have a kind of "Where are you from, what role do you have" form, so I would pick my home institution off a list, then say I'm a staff member and I want to remain anonymous, which is enough to generate the id:
<a href="http://openid.myuni.edu.au/staff" target="_blank" onclick="return top.js.OpenExtLink(window,event,this)">http://openid.myuni.edu.au/staff</a><br><br>Is this being done already? Is it wrong in some way?<br><br>Peter
<br clear="all"><br>-- <br><br>Peter Sefton<br>Senior Research Fellow / RUBRIC Technical Manager
<br>RUBRIC Project, DeC<br>University of Southern Queensland<br>Toowoomba Queensland 4350 AUSTRALIA<br><br><br>Work: <a href="mailto:sefton@usq.edu.au" target="_blank" onclick="return top.js.OpenExtLink(window,event,this)">
sefton@usq.edu.au</a><br>Private: <a href="mailto:pt@ptsefton.com" target="_blank" onclick="return top.js.OpenExtLink(window,event,this)">pt@ptsefton.com
</a><br><br>p: +61 (0)7 4631 1640<br>m: +61 (0)410 326 955<br><br>RUBRIC Website: <a href="http://www.rubric.edu.au" target="_blank" onclick="return top.js.OpenExtLink(window,event,this)">http://www.rubric.edu.au</a> <br>
USQ Website: <a href="http://www.usq.edu.au" target="_blank" onclick="return top.js.OpenExtLink(window,event,this)">http://www.usq.edu.au</a><br>
Personal Website: <a href="http://ptsefton.com" target="_blank" onclick="return top.js.OpenExtLink(window,event,this)">http://ptsefton.com</a><br><br>RUBRIC is supported by the Systemic Infrastructure Initiative as part of
<br>the Commonwealth Government's Backing Australia's Ability - An
<br>Innovative Action Plan for the Future<br>(<a href="http://backingaus.innovation.gov.au" target="_blank" onclick="return top.js.OpenExtLink(window,event,this)">http://backingaus.innovation.gov.au</a>)<br><br>The University of Southern Queensland is a registered provider of
<br>education with the Australian Government.
<br><br>(CRICOS Codes: QLD 00244B | NSW 02225M | VIC 02387D | WA 02521C)
<br>_______________________________________________<br>general mailing list<br><a href="mailto:general@openid.net" target="_blank" onclick="return top.js.OpenExtLink(window,event,this)">general@openid.net</a><br><a href="http://openid.net/mailman/listinfo/general" target="_blank" onclick="return top.js.OpenExtLink(window,event,this)">
http://openid.net/mailman/listinfo/general</a><br><br></blockquote></div><br>