On Mon, Dec 14, 2009 at 09:52:47AM -0800, Dirk Balfanz wrote:

> Anyway - what we demonstrated at IIW was a simple "broadcasting" of who your
> OP is. The RP would just do a JSONP call to a central discovery service
> (which would carry the user's cookies for that service with it), and the
> discovery service would reply with a list of OPs. As Andrew points out there
> are privacy issues with this approach that make it infeasible - you would
> either have to tell the central discovery service about your OPs, or you
> don't. In the former case, the identity of the OPs would be revealed to any
> RP that asks. Which is not good enough.

Isn't there another privacy issue here -- that the central discovery service
learns what RP sites the user visits? It's not just that I don't want any old 
RP knowing what OPs I'm logged into (OPs leaking info to RPs), I also don't 
want mega-OPs like Google discovering what RP sites I frequent (RPs leaking 
info to OPs).

This RP-to-OP leakage could be a tougher problem to solve -- it's 
straightforward for an OP to provide preferences to known users, but it's
impossible for an RP to know that a certain as-yet-unknown party doesn't
want the Google discovery service being involved.

It would be easier to fix the RP-to-OP leakage if this mechanism was described
in a formal spec, as that should facilitate development of browser add-ons to
address privacy concerns.

Better still would be to define this information as something to be provided
by the User Agent / web browser. That would give the most efficient use of
resources (no pinging OPs or discovery services that aren't being used), and
would make it easiest for end users to retain control over all the privacy
implications. Yes, it would mean a big hurdle for implementation, especially
if there was any trouble getting Microsoft, Mozilla, or Apple to incorporate
the features in their web browsers.

-Peter

_______________________________________________
specs mailing list
sp...@lists.openid.net
http://lists.openid.net/mailman/listinfo/openid-specs
