<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2//EN">
<HTML>
<HEAD>
<TITLE>Re: proposal: rename trust_root to realm</TITLE>
</HEAD>
<BODY>
<!-- Converted from text/plain format -->
<P><FONT SIZE=2>+1 on top of that<BR>
<BR>
<BR>
-----Original Message-----<BR>
From: Brad Fitzpatrick [<A HREF="mailto:brad@danga.com">mailto:brad@danga.com</A>]<BR>
Sent: Tuesday, September 19, 2006 04:51 PM Pacific Standard Time<BR>
To: Dick Hardt<BR>
Cc: specs@openid.net<BR>
Subject: Re: proposal: rename trust_root to realm<BR>
<BR>
+1<BR>
<BR>
But I'd also like the spec to mention what the JanRain guys said earlier:<BR>
that it's just for the IdP to tell the user, so the user can decide to<BR>
whitelist a whole realm prefix rather than each ugly return_to URL under<BR>
it.... and it adds nothing to the security.<BR>
<BR>
<BR>
<BR>
On Mon, 18 Sep 2006, Dick Hardt wrote:<BR>
<BR>
> Problem:<BR>
><BR>
> trust_root (8.2) has specific meaning in PKI terms that is very<BR>
> different from what it is being used for in OpenID. Realm is a term<BR>
> used in HTTP AUTH that reflects the usage.<BR>
><BR>
> Proposal:<BR>
><BR>
> Deprecate 'trust_root' and use 'realm'<BR>
><BR>
> _______________________________________________<BR>
> specs mailing list<BR>
> specs@openid.net<BR>
> <A HREF="http://openid.net/mailman/listinfo/specs">http://openid.net/mailman/listinfo/specs</A><BR>
><BR>
><BR>
_______________________________________________<BR>
specs mailing list<BR>
specs@openid.net<BR>
<A HREF="http://openid.net/mailman/listinfo/specs">http://openid.net/mailman/listinfo/specs</A><BR>
<BR>
</FONT>
</P>
</BODY>
</HTML>