[prev in list] [next in list] [prev in thread] [next in thread]
List: openid-specs
Subject: Re: [OpenID] persistent, non-recycleable identifiers
From: SitG Admin <sysadmin () shadowsinthegarden ! com>
Date: 2009-12-01 23:06:20
Message-ID: f06110400c73b50692858 () [192 ! 168 ! 0 ! 2]
[Download RAW message or body]
>Who is authoritative for a Subject will depend on the trust model.
>In the common case it would be based on whoever controls the
>signing/SSL certificate for the domain name in the URL.
It would be excellent if the common OpenID libraries could exceed
modern browsers' security model, in this respect; the root CA's are a
group from within which individual members may act in effective
anonymity. Being able to discriminate between different CA's would
also lower the bar to alternatives like self-signed certificates (or
someone using their own CA).
-Shade
_______________________________________________
specs mailing list
specs@lists.openid.net
http://lists.openid.net/mailman/listinfo/openid-specs
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic