[Openid-specs-ab] Definition of Authentication

Nat Sakimura sakimura at gmail.com
Thu Nov 7 18:45:57 UTC 2013

Having seen the recent thread around client secret etc., I am confident
that we have problems with the current definition of Authentication.

Currently, it is:

Authentication: Process of verifying that an Entity is the owner of an

It is unclear what is "owner" etc., and is too hand-wavy. For example, what
is the owner of the identity in the case of Client Authentication?

We should adopt either ISO18014 or X.1252. I feel X.1252 is slightly

It is:

Process used to achieve sufficient confidence in the binding
between the entity and the presented identity

I propose to adopt this definition.

Nat Sakimura (=nat)
Chairman, OpenID Foundation