OpenID, YADIS and Directed Identity

Martin Atkins mart at degeneration.co.uk
Sun Feb 12 18:24:45 UTC 2006


Michael Graves wrote:
> 
> What would be need to support this? The only change that I can think of would 
> be that the relying party would not require the "input" login URL to be the 
> same as the "output" login URL. If I can start by entering "idsrus.com", then 
> choose one of a number of personae that I control, including a one-time persona 
> that I made up on the fly just for this login, as long as the OpenID (or insert 
> your favorite protocol here) consumer evaluates the *output* URL I think it all 
> works out. As it is, OpenID is expecting (cryptographically) a match on the 
> input URL.
> 

So I enter my identity URL as mart.whatever.com and my identity server
tells the relying party "The remote user is 8769387639.whatever.com".
What have I gained here? They know I originally entered
mart.whatever.com, so they can tell that the two correlate.

I'm obviously missing something.




More information about the yadis mailing list