OpenID, YADIS and Directed Identity
Martin Atkins
mart at degeneration.co.uk
Sun Feb 12 18:24:45 UTC 2006
Michael Graves wrote:
>
> What would be needed to support this? The only change that I can think of would
> be that the relying party would not require the "input" login URL to be the
> same as the "output" login URL. If I can start by entering "idsrus.com", then
> choose one of a number of personae that I control, including a one-time persona
> that I made up on the fly just for this login, as long as the OpenID (or insert
> your favorite protocol here) consumer evaluates the *output* URL I think it all
> works out. As it is, OpenID is expecting (cryptographically) a match on the
> input URL.
>
So I enter my identity URL as mart.whatever.com and my identity server
tells the relying party "The remote user is 8769387639.whatever.com".
What have I gained here? They know I originally entered
mart.whatever.com, so they can tell that the two correlate.
I'm obviously missing something.