I have to agree here. There are decentralized technologies that work : SMTP and XMPP being the most popular. An RP needs to be able to trust users, not OPs. The protocol proves that user X has chosen OP X and controls URI X. A bad OP can only do nasty things if user X chooses to use them. USERs can be nasty, but OPs serve a pretty basic function.
<br><br><div><span class="gmail_quote">On 7/8/07, <b class="gmail_sendername">Brendan Taylor</b> <<a href="mailto:whateley@gmail.com">whateley@gmail.com</a>> wrote:</span><blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">
On Sun, Jul 08, 2007 at 01:59:02AM +0300, Eddy Nigg (StartCom Ltd.) wrote:<br>> like self-signed certificates. A relying party can choose to trust them<br>> but nothing has been verified or guarantied in any form (not even the
<br>> integrity of the authentication process). For me as relying party<br>> running a forum or web log, this is not really assuring...not to speak<br>> about other potential login facilities.<br><br>This is something I've never understood - why does an RP need to trust an
<br>OP? If this is about spam, then surely it makes more sense to determine<br>trust per-user (and possibly blacklist OPs).<br><br>I especially don't understand why the RP cares about "integrity of the<br>authentication process". Surely it should be the user's responsibility
<br>to select an OP with the security they require.<br><br>I think this is going in the wrong direction; I would be very<br>disappointed if OpenID lost its decentralization, and I'm not sure why<br>people think it needs to.
<br><br>_______________________________________________<br>general mailing list<br><a href="mailto:general@openid.net">general@openid.net</a><br><a href="http://openid.net/mailman/listinfo/general">http://openid.net/mailman/listinfo/general
</a><br><br><br></blockquote></div><br><br clear="all"><br>-- <br>- Stephen Paul Weber, Amateur Writer<br><<a href="http://www.awriterz.org">http://www.awriterz.org</a>><br><br>MSN/GTalk/Jabber: <a href="mailto:singpolyma@gmail.com">
singpolyma@gmail.com</a><br>ICQ/AIM: 103332966<br>BLOG: <a href="http://singpolyma.net/">http://singpolyma.net/</a>