<div class="gmail_quote">On Tue, May 12, 2009 at 10:55 AM, Dick Hardt <span dir="ltr"><<a href="mailto:dick.hardt@gmail.com">dick.hardt@gmail.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex;">
<div class="im"><br>
On 12-May-09, at 1:36 AM, Nat Sakimura wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
<br>
Reason for using RP's Subject in XRD instead of simply using realm is<br>
to allow for something like group identifier.<br>
</blockquote>
<br></div>
would you elaborate on the group identifier concept?</blockquote><div><br></div><div>I'm not sure what Nat is specifically referring to, but there was a US academic institution that provided OpenIDs for "classes" of people... i.e. students, teachers, etc.</div>
<div><br></div><div>When you signed in for certain application, the OP would respond with the appropriate identifier for a class of users.</div><div><br></div><div>So, imagine I use directed identity in a school application... when I sign in to the OP, it will return something like <a href="http://schoolname.edu/student">schoolname.edu/student</a> as the identifier.</div>
<div><br></div><div>You could imagine something similar where you could use authentication as a way to verify that someone comes from some geographic region or has previously registered for certain entitlements.</div></div>
<div><br></div>Chris<br clear="all"><br>-- <br>Chris Messina<br>Open Web Advocate<br><br><a href="http://factoryjoe.com">factoryjoe.com</a> // <a href="http://diso-project.org">diso-project.org</a> // <a href="http://openid.net">openid.net</a> // <a href="http://vidoop.com">vidoop.com</a><br>
This email is: [ ] bloggable [X] ask first [ ] private<br>