[prev in list] [next in list] [prev in thread] [next in thread]
List: openid-general
Subject: [OpenID] Open Id and Cookie
From: peter.davis () neustar ! biz (Peter Davis)
Date: 2008-02-08 19:31:24
Message-ID: 7FB90739-6BB9-4BAE-9191-E6EF6E7B1CEC () neustar ! biz
[Download RAW message or body]
Minor clarifications, but nat is correct.
It was originally done at Liberty, but was part of the work they
handed to the SSTC @ OASIS and is now part of SAML2
It is specified in the SAML Profiles spec, in section 4.3: Identity
Provider Discovery Profile which stipulates cookies written into 2nd
level domains, whereby authorized entities of the group of IDP/SPs
are issued 3rd level names, thus allowing for all entities to read/
write cookies effectively across domains
=peterd
On Feb 7, 2008, at 9:13 PM, Nat Sakimura wrote:
> Actually, something simlar to this has been done in the Liberty
> Alliance.
>
> The way it works is that the domains in the circle of trust shares one
> server with multiple domains (i.e., the domain of the member of the
> circle of the trust) , and effectively sharing the cookie.
>
> Regards,
>
> Nat Sakimura (=nat)
> Nomura Research Institute, Ltd.
>
> Eddy Nigg (StartCom Ltd.) wrote:
>> Cookies are usually limited to be readable only by the domain/site in
>> question. Other sites should not be able to read cookies which were
>> set by a different site. This doesn't work...not talking about other
>> implications this idea would have...
>>
>> Flash Mediastart wrote:
>>> Hi everybody,
>>>
>>> I want to know if a open id provider or anything else can create
>>> cookie
>>> and be able to read this ?
>>> The idea is that all website using open id identification methode
>>> can
>>> read this cookie in order to recognize automaticaly a user without
>>> asking an open id ?
>>>
>>> Thanks
>>> _______________________________________________
>>> general mailing list
>>> general at openid.net
>>> http://openid.net/mailman/listinfo/general
>>>
>>
>> --
>> Regards
>>
>> Signer: Eddy Nigg, StartCom Ltd. <http://www.startcom.org>
>> Jabber: startcom at startcom.org <xmpp:startcom at startcom.org>
>> Blog: Join the Revolution! <http://blog.startcom.org>
>> Phone: +1.213.341.0390
>>
>>
>
> _______________________________________________
> general mailing list
> general at openid.net
> http://openid.net/mailman/listinfo/general
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic