-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Luke Faraone wrote: > On Tue, Dec 2, 2008 at 17:29, Benjamin M. Schwartz <[EMAIL PROTECTED] >> wrote: > >> You misunderstand our purpose. The immediate technical goal is to >> authenticate that a given connection goes to a particular XO. The machine >> itself then becomes the identifying token used to authenticate the >> identity of the user. > > > Unfortunately that will only work for web applications which are > "sugar-aware"; the plus of openID is it's one standard, and everyone (soon) > will support it.
This situation is confusing; perhaps Sebastian is right. OpenID 1.0 identities are URLs, so in order for the XO to be the identity provider, it must have at least one guaranteed FQDN. The DNS system then provides the authentication mechanism. If Scott is able to achieve his goal of One Domain Name Per Laptop, then this seems entirely reasonable. We can run an identity provider on the laptop as a trivial HTTP server. If we cannot come up with a way to provide oersistent DNS (or for OpenID 2.0, even XRI) names for each laptop, then we cannot run the identity providers on the laptops. - --Ben -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.9 (GNU/Linux) iEYEARECAAYFAkk1u0YACgkQUJT6e6HFtqQeYwCdHwKz11clxtT/YKKCVkCz/ZNi G9wAnjojHcjUyWgkwy1wSzl6uQ+Uzuh0 =2nk7 -----END PGP SIGNATURE----- _______________________________________________ Sugar mailing list Sugar@lists.laptop.org http://lists.laptop.org/listinfo/sugar