On Mar 26, 2007, at 10:33 AM, Jeremy Frumkin wrote:
The easiest way to implement that infrastructure probably would be for every institution that might adopt OpenID to also become an OpenID provider, but then, unless there is a standard mechanism for linking one OpenID to another in a secure manner, we’re back at having multiple OpenIDs depending on our context.
This is true. It's even a Good Thing; it's kind of the whole point. Customers get to say, in essence, "Here's who I say I am. These providers will vouch for that." Customers get to choose which providers they want to identify them, and what data they want to release. It's only natural that I'd have more than one possible identity, and I don't want them linked together in some magical way. If I want to tell you about more than one identity profile, I should do that of my own volition. Making it really easy to choose my identity is the web browser's job. That's where Sxipper (and Firefox 3?) comes in. The big infrastructure we need to build is in deciding what's a trustworthy identity, and what we're willing to do with that knowledge. Cheers, -Nate