28 Jun 01:59
Re: [OpenID] Negotiating a backup OP from the current OP
From: SitG Admin <sysadmin <at> shadowsinthegarden.com>
Subject: Re: [OpenID] Negotiating a backup OP from the current OP
Newsgroups: gmane.comp.web.openid.general
Date: 2008-06-27 23:59:53 GMT
Subject: Re: [OpenID] Negotiating a backup OP from the current OP
Newsgroups: gmane.comp.web.openid.general
Date: 2008-06-27 23:59:53 GMT
>To do that, we need to evolve the protocol so that RPs don't feel >they need to distinguish between OPs. Quick thought - I agree that doing this in OpenID is a good thing, since it lifts some of the burden from RP's, but more delineation in security for just about *any* website these days is a good thing - most of them have a great deal of room for improvement :( I just started to expand this quick thought and then realized it's way too much for the time I have now. Let me say, then, that RP's could restrict access to some operations by OP, saying "You can use any old OP for your daily stuff, but when you want to change account info you must use Verisign's secure authentication." -Shade
RSS Feed