Quoting Stéphane Glondu (2013-05-16 10:57:19) > Le 16/05/2013 05:04, Philip Hands a écrit : > > Do you have any thoughts on how that compares with using > > BrowserID/Persona? I'd got the impression that BrowserID has been > > put together learning from mistakes of OpenID & WebID, but perhaps > > I'm just swallowing their marketing. > > IIUC, there is no transfer of metadata (name, etc.) with BrowserID, > unlike OpenID and WebID. An identity is an e-mail address, period.
Sounds like your are describing (optional(?) extensions to) OpenID. With WebID only an ID is transfered. That transfered ID is a URI pointing to a resource optionally containing more info. > A benefit compared to OpenID and WebID is that the relying party > doesn't need to query the identity provider each time, so this > improves privacy. Again, sounds like you are describing OpenID only. WebID allows (and encourages) caching. > BrowserID also relies on the CA cartel. You need to setup an HTTPS > (with a trusted certificate) server that responds to some hard-coded > path [1] to implement an identity provider. I see this as a serious > limitation, but I guess big identity providers don't care. > > There is an open issue [1] about looking up information in DNS instead > of the current hard-coded path. Maybe this, combined with DNSSEC, > could lift the HTTPS constraint. But this is work in progress. This seems similar as WebID: In principle ties to HTTPS - and therefore the CA cartel - is only optional (other URIs than http ones suffice). In reality alternatives to HTTP(S) is work in progress. If I understand correctly, BrowserID is by design tied to browsers - i.e. humans identifying themselves towards servers. WebID is not tied to browsers: it is equally useful for server-to-server communication. - Jonas -- * Jonas Smedegaard - idealist & Internet-arkitekt * Tlf.: +45 40843136 Website: http://dr.jones.dk/ [x] quote me freely [ ] ask before reusing [ ] keep private -- To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20130516102031.29499.62...@bastian.jones.dk