headers
Hans Granqvist | 2 Jul 18:48

Re: [OpenID] OpenID and SSO

Probably some sort of black/white list, yep.

I see my proposed scheme more as a continuous identification
than authentication. The RP would then be able to decide which
level it needs, akin to the way some websites only force re-login
when needed (a la "Good Morning, Alice. If you are not Alice,
click here.")

Hans

On Tue, Jul 1, 2008 at 8:55 AM, SitG Admin
<sysadmin <at> shadowsinthegarden.com> wrote:
>> http://commented.org/blog/2008/1/3/continuous-openid.html
>
> You were envisioning something like a whitelist? If the user has to specify
> a site to assert their Identity to it, that's a (slightly different flow)
> login process :)
>
> -Shade
>
Permalink | Reply |
headers
Peter Williams | 2 Jul 19:46

Re: [OpenID] OpenID and SSO

Its establishing that sso des not preclude one being invited or required to confirm the release of the
cached web credentials to an rp,busing some ui step.

Its very nice that windows sends your credentials automatically to the lan printer also on the domain, so
you don't have to provide your pasword again merely to print. But, this is the only model of sso, and websso
in particular.

-----Original Message-----
From: Dick Hardt <dick <at> sxip.com>
Sent: Wednesday, July 02, 2008 9:18 AM
To: leon <at> kuunders.info <leon <at> kuunders.info>
Cc: general <at> openid.net <general <at> openid.net>
Subject: Re: [OpenID] OpenID and SSO

I'm unclear now on where this thread is going ... :)

fwiw: my point was that providing the user  something to click rather
then type is more desirable -- and propose that for OpenID, letting
the user cick something to login is a desirable end goal

wrt. below, implicit in a "Click to proceed" is telling the site that
you are a specific entity -- so you effectively have signed on.

-- Dick

On 2-Jul-08, at 12:58 AM, Leon Kuunders wrote:

> Think about IP addresses: are they personal information? If so, and
> following the train of thought mentioned by Dick, a user would not be
> able to choose to share information without sharing this information.
(Continue reading)

Permalink | Reply |
headers
SitG Admin | 2 Jul 22:08

Re: [OpenID] OpenID and SSO

>when needed (a la "Good Morning, Alice. If you are not Alice,
>click here.")

And if I'm not Alice, but merely have access to her computer?

"Good morning, unknown user. We think you are Alice, and will treat 
you as such unless you, as a potential infiltrator, decide to admit 
that you actually aren't Alice."

-Shade
Permalink | Reply |

Gmane