Just to be clear, identity provider in SAML isn't intended to mean
that this system entity is providing an identity to a digital
subject -- it means that this system entity is providing identity
information (specifically verification/authentication info) to a
relying party/service provider.
] [mailto:[EMAIL PROTECTED] On Behalf
Of Eve L. Maler
Sent: Tuesday, November 07, 2006 8:16 AM
To: specs@openid.net
Subject: Re: IdP vs OP (WAS: RE: Editors Conference Call)
Delurking for the first time on this list: :-)
Drummond and I are on the same page about many things, but John is
right
] [mailto:[EMAIL PROTECTED] On Behalf
Of Recordon, David
Sent: Monday, November 06, 2006 11:46 AM
To: Dick Hardt; John Kemp; Patrick Harding
Cc: specs@openid.net
Subject: IdP vs OP (WAS: RE: Editors Conference Call)
I see both sides of this discussion. I think John is correct that the
role
On 6-Nov-06, at 11:46 AM, Recordon, David wrote:
I see both sides of this discussion. I think John is correct that the
role of an OP really is not that different than that of SAML's
IdP. The
difference comes down to the trust model. I certainly think
reputation
networks will exist
On 6-Nov-06, at 10:25 PM, Drummond Reed wrote:
Why? It's because in a user-centric identity, the OP is fundamentally
NOT (that enough stars for you? ;-) the provider of
anyone's
identity.
It is providing the OpenID protocol service though, correct?
Not sure if you are
On 7-Nov-06, at 7:59 AM, John Kemp wrote:
Dick Hardt wrote:
On 6-Nov-06, at 11:46 AM, Recordon, David wrote:
I see both sides of this discussion. I think John is correct
that the
role of an OP really is not that different than that of SAML's
IdP. The
difference comes down to the
Dick Hardt wrote:
On 7-Nov-06, at 7:59 AM, John Kemp wrote:
I don't believe that trust is a differentiator between SAML
specifications and OpenID Authentication specifications.
It is AFAICT, in both cases, simply out of scope.
I should have been more clear, IdP is a Federation term and
On 7-Nov-06, at 8:17 AM, John Kemp wrote:
Dick Hardt wrote:
On 7-Nov-06, at 7:59 AM, John Kemp wrote:
I don't believe that trust is a differentiator between SAML
specifications and OpenID Authentication specifications.
It is AFAICT, in both cases, simply out of scope.
I should have
]
On Behalf
Of Recordon, David
Sent: Monday, November 06, 2006 11:46 AM
To: Dick Hardt; John Kemp; Patrick Harding
Cc: specs@openid.net
Subject: IdP vs OP (WAS: RE: Editors Conference Call)
I see both sides of this discussion. I think John is correct
that the
role of an OP really
Eve L. Maler wrote:
On balance I prefer identity provider because
it's intuitive in an English sense, it's used in several technology
contexts (not just SAML and OpenID), and it avoids a terminological
branding that would otherwise seem to suggest a conceptual
divergence that doesn't --
is using classic identity federation or not.)
=Drummond
-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf
Of Eve L. Maler
Sent: Tuesday, November 07, 2006 8:16 AM
To: specs@openid.net
Subject: Re: IdP vs OP (WAS: RE: Editors Conference Call)
Delurking
John Kemp wrote:
Drummond Reed wrote:
And it doesn't stop there. OpenID also supports OPs that
***have zero control over the user's OpenID identifier***. The OP simply
provides a service for authenticating that a user has control of the OpenID
identifier about which the OP is being queried.
versus driving them further apart.
--David
-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On
Behalf Of Dick Hardt
Sent: Wednesday, November 01, 2006 2:20 PM
To: John Kemp
Cc: specs@openid.net
Subject: Re: Editors Conference Call
On 1-Nov-06, at 12:28 PM, John Kemp
: Monday, November 06, 2006 11:46 AM
To: Dick Hardt; John Kemp; Patrick Harding
Cc: specs@openid.net
Subject: IdP vs OP (WAS: RE: Editors Conference Call)
I see both sides of this discussion. I think John is correct that the
role of an OP really is not that different than that of SAML's IdP
, David; specs@openid.net
Subject: RE: Editors Conference Call
Dave,
Can you please clarify how an OpenID Provider is 'very' different
from the role of Identity Provider as defined in SAML or WS-*.
Thanks
- Patrick
Rename Identity Provider to OpenID Provider (IdP - OP) to add
clarity
Dick explain since it was his proposal and I didn't really
care about if we changed the name or not. ;)
--David
From: Patrick Harding [mailto:[EMAIL PROTECTED]
Sent: Monday, October 30, 2006 7:47 PM
To: Recordon, David; specs@openid.net
Subject: RE: Editors Conference Call
Dave,
Can you
Dick Hardt wrote:
It would be nice to see a clear definition of an OP in order to
determine the exact differences between such an entity and an IdP, but,
in the absence of such, some questions:
Dick Hardt wrote:
Thanks David! ;-)
Patrick, as you point out, Identity Provider is a well
This morning Dick, Josh, and I got on Skype for 2.5 hours to try and
hash through all the remaining proposals. Unfortunately Brad couldn't
join us, though I did talk to him about some of this stuff as well
beforehand.
- Authentication Age will be developed as an extension due to questions
18 matches
Mail list logo