Friday, December 01, 2006

In triplicate

Pat appends to Johannes's list.

Pat asks the question:

how do IdPs and SPs decide which flavour they prefer?
I don't know, but I bet they log their choice for future audits.

I confess I thought LID was subsumed.

1 comment:

Johannes Ernst said...

To clarify: I'm referring to an alternate way of doing authentication using public keys that we continue to have in our InfoGrid product (and that has been LID's original way of authentication), for the simple reason that sometimes a public-key-based approach is superior to shared secrets, e.g. when non-repudiation is an issue.

As the OpenID momentum grows, and facilitated by the underlying Yadis discovery, I expect many people to define service types under the OpenID umbrella as they see the requirements in their parts of the market; in our case it precedes it, but the result is the same.