[Specs-cx] Artifact Binding Re: specs Digest, Vol 36, Issue 1
John Bradley
john.bradley at wingaa.com
Tue Aug 25 01:05:43 UTC 2009
The thing that doesn't do for Nat is reduce the size of the request.
I suppose that there could be a standard oAuth attribute service.
The largest problem is having the OP know what to have the user
permission.
One option is to have the OP retrieve a policy document directly from
the RP so that the user can give consent to what the RP is going to
get a oAuth token for.
Following this path at some point you would ask what the openID
portion of openID+oAuth is doing for you?
So if you add discovery XRD/S to oAuth + a way to deliver a RP
policy, do you have a viable alternative to a openID artifact binding.
Perhaps a heretical question, but one we should probably explore
before reinventing things.
John B.
On 24-Aug-09, at 8:45 PM, Allen Tom wrote:
> Hi Nat,
>
> Have you considered using the OpenID OAuth Hybrid Extension instead
> of defining a new Artifact binding?
>
> http://step2.googlecode.com/svn/spec/openid_oauth_extension/latest/openid_oauth_extension.html
>
> The openid.oauth.request_token response parameter in Section 10 is
> essentially the same thing as an Artifact. Google already supports
> the Hybrid extension, and Yahoo will be launching support for it in
> the very near future, so perhaps we could use use Hybrid to support
> large responses?
>
> Allen
>
>
> Nat Sakimura wrote:
>> Updated http://wiki.openid.net/OpenIDwithArtifactBinding
>>
>> 1. Added description in overview.
>> 2. Added signature in artifact related requests.
>> 3. Separated the Artifact Authentication Request from the
>> Authentication Request and created section 9.1.1 for more
>> readability.
>> 4. Removed 9.4 and moved the text to 9.
>> 5. Other miscellaneous changes.
>>
>> For complete list, see the wiki history.
>>
>> Feature-wise, it is almost complete for the Artifact binding, IMHO.
>> Need feedback from large providers.
>>
>> =nat
>> _______________________________________________
>> specs mailing list
>> specs at lists.openid.net
>> http://lists.openid.net/mailman/listinfo/openid-specs
>>
>
More information about the specs
mailing list