tag:blogger.com,1999:blog-12447072.post116316236422089489..comments2024-02-13T08:56:52.521-05:00Comments on ConnectID: OpenID Extensibility for Strong AuthPaul Madsenhttp://www.blogger.com/profile/08489111023182783403noreply@blogger.comBlogger2125tag:blogger.com,1999:blog-12447072.post-1163234391927470482006-11-11T03:39:00.000-05:002006-11-11T03:39:00.000-05:00Pete, you summarized it better than I could have. ...Pete, you summarized it better than I could have. Why do it? So IdPs can better protect their users... which builds community trust, which leads to the possibility of extending into scenarios where they're trusted by businesses such as banks, which moves the world from monolithic (enterprise) security to top-level defined security federations to a truly decentralized model where IdPs will build Anonymousnoreply@blogger.comtag:blogger.com,1999:blog-12447072.post-1163186083788701002006-11-10T14:14:00.000-05:002006-11-10T14:14:00.000-05:00"This could work if an IDP only supported a single..."This could work if an IDP only supported a single authentication mechanism. If not, the RP wouldn't know which was used for any given assertion."<BR/><BR/>True, but it will be some time before OpenID gets to the point where this is a concern.<BR/><BR/>"Indeed, but if the RP doesn't trust the IDP, its unlikely to care about how the IDP authenticated the user. And if the RP doesn't care, why wouldAnonymousnoreply@blogger.com