On 1/3/08, Rob Heittman <[EMAIL PROTECTED]> wrote:
> While in concept, it is neat that OpenID providers could authenticate you by > certificates, biometrics, facial recognition, or smell, in practice they > generally employ userid and password pairs and therefore offer nothing > stopping one from mapping that to HTTP Basic on a resource whose URI is > advertised. Yeah, there's also nothing stopping an OpenID provider to be have a RESTful authentication scheme. There's also other initiatives such as OAuth used by (among other things) OpenSocial. -- Stian Soiland, myGrid team School of Computer Science The University of Manchester http://www.cs.man.ac.uk/~ssoiland/