Terminology open issue #1: IdP vs OP

Dick Hardt dick at sxip.com
Tue Nov 21 05:09:40 UTC 2006 

Drummond, you have sold out! ;-)

Your bias at http://openid.net/wiki/index.php/Terminology is showing at:

IdP vs. OP
It has been suggested that the specs use the term '''OpenID Provider  
(OP)''' instead of '''Identity Provider (IdP)'''. However this would  
diverge from the widely-accepted use of IdP in the SAML, Liberty, and  
CardSpace communities.

Actually, CardSpace also uses Identity Selector and STS.

IdP is a term in federation deployments. Given the user-centric  
architecture of OpenID, I think a different name is good, and *your*  
argument that the server is not providing any *identity* I think is  
still a great argument!

-- Dick


On 20-Nov-06, at 12:01 PM, Drummond Reed wrote:

> To tear into the meat of the terminology open issues at http:// 
> openid.net/wiki/index.php/Terminology, the first issue has already  
> received quite a bit of discussion: switching from Identity  
> Provider (IdP) to OpenID Provider (OP).
>
>
>
> I was originally a supporter of this change, because I had always  
> felt Identity Provider was somewhat of a misnomer, particularly  
> when it came to a system like OpenID where the IdP was generally  
> NOT the source of your identifier.
>
>
>
> However Eve Maler (co-chair of the OASIS SSTC that did SAML and co- 
> editor of the SAML Glossary) made this point in an earlier post:
>
>
>
> <quote>
>
>
>
> Just to be clear, "identity provider" in SAML isn't intended to  
> mean that this system entity is providing an identity to a digital  
> subject -- it means that this system entity is providing identity  
> information (specifically verification/authentication info) to a  
> relying party/service provider.
>
>
>
>  From the SAML glossary (now in HTML...):
>
>
>
> http://www.oasis-open.org/committees/download.php/21053/saml- 
> glossary-2.0-os.html#IdentityProvider
>
>
>
> http://www.oasis-open.org/committees/download.php/21053/saml- 
> glossary-2.0-os.html#RelyingParty
>
>
>
> Often, but not always, a SAML authentication authority also serves  
> as an attribute authority:
>
>
>
> http://www.oasis-open.org/committees/download.php/21053/saml- 
> glossary-2.0-os.html#AttributeAuthority
>
>
>
> <endquote>
>
>
>
> For this reason, I have reversed my position and now feel that it  
> would not benefit the OpenID community to use a different term than  
> that already well-established by SAML.
>
>
>
> -1 to making this change.
>
>
>
> =Drummond
>
>
>
>
>
> _______________________________________________
> specs mailing list
> specs at openid.net
> http://openid.net/mailman/listinfo/specs

More information about the specs mailing list