Shade, > What you would be trusting Google for is not letting anyone else > (say, Google) pose as you. That's *their* end of the authentication > stick;
This would only true if Google is my OP. Merely allowing Google to advertise to the world who my OP is does not give them an opportunity to pose as me. Nonetheless, trusting Google or any single entity to be an OP is admittedly concerning to me. We all know how easily guys were able to get the password for Sarah Palin's email account from Yahoo. That was a human error and I'm not sure anybody is shielded from such human errors. It certainly wasn't malice. Perhaps what you're driving at is that you do not want one "point of failure" (a single human) in one organization to be the cause for a security breach and what you want is to have authentication go through a multi-OP authentication procedure in order to validate a user? If so, I can think of a way to do that without changing OpenID, though there would still be the single, final answer coming from some single entity. Do you want multiple replies to go back to the RP from multiple OPs, like having 2 locks on the front door of your home? This would force the user to essentially log in two times in order to get authenticated. > since they are the party being delegated from as well, you > also trust them to be up (available to RP's) when you want to login > somewhere. I would need Google to be up to advertise the location of my OP. If they were down, though, I could still manually enter my URL-based OpenID ID. You might be making a different point here and perhaps I'm missing it. > >I'm still confused. The blog or this joint venture site could accept > any > >OpenID identifier and would accept logins for the user associated with > that > >identifier. The user could provide an ID that is in the Yahoo domain, > the > >Google domain, or even his own domain. > > It's the OpenID identifier this site would *provide* that I'm > thinking about, Why would a blog *provide* an OpenID identifier? > though I'm still not seeing how it would provide any > improvement in uptime (nor, without MultiAuth, security), apart from > alternating between (cosigned?) XRD's pointing to each OP in turn; > that's more of a political balancing act, and not very effective, > either, from what I can see of it so far. Then, it's not as if I've > had the time to really look at it, yet; I can't be certain it's > useless or (if not) *how* it's useful, until I can thoroughly analyze > it. > > Right now, it's just something that *seems* as if it might have > potential, so I'm inquiring about it. Casually, briefly, and rather > less than briefly to respond with what little details I have at this > stage. So, if my understanding above is right, I think I understand where you're going. If not, then I guess I'm still lost :) Paul > -Shade > _______________________________________________ specs mailing list [email protected] http://lists.openid.net/mailman/listinfo/openid-specs
