>> As for one of the major advantages of BrowserID: it is a user-centric >> architecture unlike OpenID Connect.
> Can you explain what you mean by "user-centric" in this context? With OAuth2 (and hence OpenID Connect, I assume) the RP needs to be registered with the IdP. It is not user-centric because the user cannot arbitrarily choose an IdP -- they can only choose an IdP with whom the RP is registered, which may well mean only one of a handful of major IdPs. BrowserID is user-centric in that the RP can verify the signature of whichever email provider the user chooses. It doesn't rely on a prior agreements between the RP and IdP. -- James Manger _______________________________________________ specs mailing list [email protected] http://lists.openid.net/mailman/listinfo/openid-specs
