Comments on: OpenID 2.0’s Killer Feature http://barelyenough.org/blog/2007/12/openid-20s-killer-feature/ Mon, 08 Mar 2010 17:12:58 +0000 http://wordpress.org/?v=2.9.1 hourly 1 By: Does OpenID Have an Identity Crisis? « hueniverse http://barelyenough.org/blog/2007/12/openid-20s-killer-feature/comment-page-1/#comment-76387 Does OpenID Have an Identity Crisis? « hueniverse Tue, 08 Sep 2009 06:59:50 +0000 http://pezra.barelyenough.org/blog/2007/12/openid-20s-killer-feature/#comment-76387 <p>[...] key to brand-driven login, of course, is Directed Identity. It’s the feature of OpenID in which the user does not enter his OpenID URI, but instead, [...]</p> [...] key to brand-driven login, of course, is Directed Identity. It’s the feature of OpenID in which the user does not enter his OpenID URI, but instead, [...]

]]> By: http://pezra.barelyenough.org/ http://barelyenough.org/blog/2007/12/openid-20s-killer-feature/comment-page-1/#comment-40275 http://pezra.barelyenough.org/ Wed, 26 Dec 2007 17:59:51 +0000 http://pezra.barelyenough.org/blog/2007/12/openid-20s-killer-feature/#comment-40275 <p>Nilez Parker,</p> <p>Unfortunately, I have not really spent a lot of time looking at what OAuth is capable of, so I cannot really say.</p> Nilez Parker,

Unfortunately, I have not really spent a lot of time looking at what OAuth is capable of, so I cannot really say.

]]> By: Nilez Parker http://barelyenough.org/blog/2007/12/openid-20s-killer-feature/comment-page-1/#comment-40255 Nilez Parker Sat, 22 Dec 2007 02:28:27 +0000 http://pezra.barelyenough.org/blog/2007/12/openid-20s-killer-feature/#comment-40255 <p>above, the reference to "direct identity" really meant "identity discovery"...</p> above, the reference to “direct identity” really meant “identity discovery”…

]]> By: Nilez Parker http://barelyenough.org/blog/2007/12/openid-20s-killer-feature/comment-page-1/#comment-40254 Nilez Parker Sat, 22 Dec 2007 02:18:14 +0000 http://pezra.barelyenough.org/blog/2007/12/openid-20s-killer-feature/#comment-40254 <p>This new feature is definitely killer. I've spent so much time already trying to figure out if I can accomplish complete transparency between several apps with the current status of OpenId and OAuth.</p> <p>It's nice to be able to do direct identity, but that doesn't seem to be all that efficient with OAuth. Wouldn't it be sufficient for an OAuth consumer to pass an openid_url and a kind of permission-to-act-as token, and then the OAuth provider go and authenticate that token with the user's openid_server? In effect, the OAuth consumer has been granted permission to "act as" the user; and the OAuth provider just verifies that fact. What do you think? It'd be less hassle between apps, and zero user interaction.</p> This new feature is definitely killer. I’ve spent so much time already trying to figure out if I can accomplish complete transparency between several apps with the current status of OpenId and OAuth.

It’s nice to be able to do direct identity, but that doesn’t seem to be all that efficient with OAuth. Wouldn’t it be sufficient for an OAuth consumer to pass an openid_url and a kind of permission-to-act-as token, and then the OAuth provider go and authenticate that token with the user’s openid_server? In effect, the OAuth consumer has been granted permission to “act as” the user; and the OAuth provider just verifies that fact. What do you think? It’d be less hassle between apps, and zero user interaction.

]]>