The authentication mechanism itself is out of scope. You can, as an OP, select whatever the authentication mechanism you may want to use. OpenID Connect is concerned about transferring the information around the authentication event to another party. It is a federation protocol.
Nat 2014-09-25 1:17 GMT+09:00 Chris Drake <[email protected]>: > Hi, > > Can anyone tell me if any kind of mutual-authentication or other kind of > phishing-protection is present anywhere in the specs? > > Kind Regards, > Chris Drake > -- Nat Sakimura (=nat) Chairman, OpenID Foundation http://nat.sakimura.org/ @_nat_en
_______________________________________________ specs mailing list [email protected] http://lists.openid.net/mailman/listinfo/openid-specs
