So legally (in most jurisdictions) this would be a device that is acting on behalf of a user
From: Dick Hardt [mailto:[email protected]] Sent: Monday, May 24, 2010 4:03 PM To: Anthony Nadalin Cc: OpenID Specs Mailing List Subject: Re: OpenID v.Next Core Protocol WG Charter :: DRAFT 2 That would be a capability served by OAuth. The user would delegate to the device to make API calls on behalf of the user for specific services. It is not a general purpose computing device that is acting as the user's identity agent. On 2010-05-24, at 3:59 PM, Anthony Nadalin wrote: These power grid devices are end points and need to logon to services to report, so they serve as servers and users From: Dick Hardt [mailto:[email protected]] Sent: Monday, May 24, 2010 3:33 PM To: Anthony Nadalin Cc: OpenID Specs Mailing List Subject: Re: OpenID v.Next Core Protocol WG Charter :: DRAFT 2 On 2010-05-24, at 7:51 AM, Anthony Nadalin wrote: > ensure the use of OpenID on mobile devices, Ensure the use of OpenID on devices Would like to make sure we cover devices that are not really in the mobile space (like power grid meters, switches, etc) All the power grid meters and switches I have seen are servers, not a device the user is using to log in with. > define profiles and support features intended to enable OpenID to be used > at levels of assurance higher than NIST SP800-63 v2 level 1 , Define profiles and support features intended to enable OpenID to be used at least 1 level of assurance higher than NIST SP800-63 v2 level 1. Want to make sure we set a goal that may be reachable but not to go after the highest level and fail. word smithing ...
_______________________________________________ specs mailing list [email protected] http://lists.openid.net/mailman/listinfo/openid-specs
