yadis Digest, Vol 13, Issue 14

Chris Drake christopher at pobox.com
Sat May 27 22:00:22 UTC 2006

Sunday, May 28, 2006, 4:54:37 AM, Drummond Reed wrote:

DR> ### My understanding of this option is that in order for the site to simply
DR> offer an "i-names" logo that the user could click to begin their login
DR> process, it would require a common "trusted authentication proxy" (what I
DR> had called an "anonymizing authentication service"). Since you're right that
DR> this option would require the same trusted authentication proxy for all
DR> relying parties, IMHO this is a non-starter. ###

No - my mistake - and Less complicated than my double-blind idea:

All relying parties will have their own I-Broker.

The relying partly simply links their inames logo to their own
ibrokers login page.

All we've got to do is get all I-Brokers to agree to redirect incoming
inames-holders off to their correct I-Broker if they attempt to log in
to the wrong place.

With good cookie handling, this makes one-click inames logins
possible, even though some of the time there will be an extra redirect
from a wrong ibroker.

Again - with good cookie handling - this won't significantly alter
most users I-Broker login experience - however - when someone arrives
at an ibroker with no cookies, the ibroker will need to NOT ask for
their password until they know it's their customer...

Kind Regards,
Chris Drake

More information about the yadis mailing list