yadis Digest, Vol 13, Issue 14
christopher at pobox.com
Sat May 27 22:00:22 UTC 2006
Sunday, May 28, 2006, 4:54:37 AM, Drummond Reed wrote:
DR> ### My understanding of this option is that in order for the site to simply
DR> offer an "i-names" logo that the user could click to begin their login
DR> process, it would require a common "trusted authentication proxy" (what I
DR> had called an "anonymizing authentication service"). Since you're right that
DR> this option would require the same trusted authentication proxy for all
DR> relying parties, IMHO this is a non-starter. ###
No - my mistake - and Less complicated than my double-blind idea:
All relying parties will have their own I-Broker.
The relying partly simply links their inames logo to their own
ibrokers login page.
All we've got to do is get all I-Brokers to agree to redirect incoming
inames-holders off to their correct I-Broker if they attempt to log in
to the wrong place.
With good cookie handling, this makes one-click inames logins
possible, even though some of the time there will be an extra redirect
from a wrong ibroker.
Again - with good cookie handling - this won't significantly alter
most users I-Broker login experience - however - when someone arrives
at an ibroker with no cookies, the ibroker will need to NOT ask for
their password until they know it's their customer...
More information about the yadis