On May 20, 2010, at 10:54 AM, Ben Laurie wrote: > > This is already relaxed by federation since the IdP has to assert the > > identity, > > The IdP (in most federated systems I've ever seen) is making an assertion > that: > > i) It has verified, in some way, the identity of someone. > ii) That this same "someone" has an account with the IdP > and optionally, iii) That this same "someone" has recently supplied a shared > secret indicating that he or she is "logged in" to his or her account at the > IdP. > > None of those things is an assertion about "identity", per se. > > I'm not sure I'm really interested in this discussion,
By which, I suppose you must (roughly) agree with my statements ;) > but I note you said "...verified the identity... " which sounds to me like it > might have something to do with identity. Per se. "Something to do with...", certainly. Not the same thing as "assert the identity". Regards, - johnk _______________________________________________ specs mailing list [email protected] http://lists.openid.net/mailman/listinfo/openid-specs
