When Brad designed OpenID last year, his goal was only to "move an 'identifier claim'". I certainly wouldn't say that this is a flaw within his design, rather a conscious decision to keep the protocol simple and implementable.
With the framework Yadis and OpenID provides, it is possible to build other services on top, including profile exchange. OpenID Simple Registration (http://www.openidenabled.com/openid/simple-registration-extension/) is already an example of how nine pieces of profile data can be requested by a relying party and provided with the identity assertion from the IdP. In any case, you'll be able to move rich attribute value assertions on top of OpenID within the next month, with the end goal being a framework flexible enough to pass around XML-vCards, Sxip 2.0 key/value pairs, the Dix SAML profile, other opaque messages, and whatever else becomes popular in the future. --David -----Original Message----- From: John Merrells [mailto:[EMAIL PROTECTED] Sent: Sunday, June 04, 2006 8:41 PM To: Digital Identity Exchange Subject: Re: [dix] Re: [Ietf-http-auth] BOF Request: WARP - Web AuthenticationResistant to Phishing On 4-Jun-06, at 4:59 PM, Johannes Ernst wrote: > Let's not mistake orthogonality for limitation when looking at > designs. Yes, and let's not confuse flaws with features. If OpenID could move attribute value assertions we'd all be better off. John _______________________________________________ dix mailing list [email protected] https://www1.ietf.org/mailman/listinfo/dix
