Terminology open issue #1: IdP vs OP
Drummond Reed
drummond.reed at cordance.net
Mon Nov 20 20:01:13 UTC 2006
To tear into the meat of the terminology open issues at
http://openid.net/wiki/index.php/Terminology, the first issue has already
received quite a bit of discussion: switching from Identity Provider (IdP)
to OpenID Provider (OP).
I was originally a supporter of this change, because I had always felt
Identity Provider was somewhat of a misnomer, particularly when it came to a
system like OpenID where the IdP was generally NOT the source of your
identifier.
However Eve Maler (co-chair of the OASIS SSTC that did SAML and co-editor of
the SAML Glossary) made this point in an earlier post:
<quote>
Just to be clear, "identity provider" in SAML isn't intended to mean that
this system entity is providing an identity to a digital subject -- it means
that this system entity is providing identity information (specifically
verification/authentication info) to a relying party/service provider.
From the SAML glossary (now in HTML...):
http://www.oasis-open.org/committees/download.php/21053/saml-glossary-2.0-os
.html#IdentityProvider
http://www.oasis-open.org/committees/download.php/21053/saml-glossary-2.0-os
.html#RelyingParty
Often, but not always, a SAML authentication authority also serves as an
attribute authority:
http://www.oasis-open.org/committees/download.php/21053/saml-glossary-2.0-os
.html#AttributeAuthority
<endquote>
For this reason, I have reversed my position and now feel that it would not
benefit the OpenID community to use a different term than that already
well-established by SAML.
-1 to making this change.
=Drummond
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-specs/attachments/20061120/b2db7e06/attachment-0002.htm>
More information about the specs
mailing list