Trust/threat model for OpenID
Ben Hyde
bhyde at pobox.com
Mon Jul 31 20:19:10 UTC 2006
On Jul 31, 2006, at 1:15 PM, Drummond Reed wrote:
> As far as "the default behavior", that's not quite the
> right question:
I beg to differ :-).
> this is a feature that an OpenID IdP/i-broker either
> implements or not. If they've implemented it, a user can do
> anonymous login
> simply by using the identifier of their IdP/i-broker. So it's up to
> a user
> whether they want to be anonymous or not.
Right, agreed, assuming somebody demonstrates that it's implementable.
But really, isn't that the wrong design?
- ben
More information about the yadis
mailing list