This use case is solved with OAuth. This is the user delegating to a client.
On 2010-05-24, at 4:12 PM, Anthony Nadalin wrote: > So legally (in most jurisdictions) this would be a device that is acting on > behalf of a user > > From: Dick Hardt [mailto:[email protected]] > Sent: Monday, May 24, 2010 4:03 PM > To: Anthony Nadalin > Cc: OpenID Specs Mailing List > Subject: Re: OpenID v.Next Core Protocol WG Charter :: DRAFT 2 > > That would be a capability served by OAuth. The user would delegate to the > device to make API calls on behalf of the user for specific services. It is > not a general purpose computing device that is acting as the user's identity > agent. > > On 2010-05-24, at 3:59 PM, Anthony Nadalin wrote: > > > These power grid devices are end points and need to logon to services to > report, so they serve as servers and users > > > From: Dick Hardt [mailto:[email protected]] > Sent: Monday, May 24, 2010 3:33 PM > To: Anthony Nadalin > Cc: OpenID Specs Mailing List > Subject: Re: OpenID v.Next Core Protocol WG Charter :: DRAFT 2 > > > On 2010-05-24, at 7:51 AM, Anthony Nadalin wrote: > > > > > ensure the use of OpenID on mobile devices, > Ensure the use of OpenID on devices > > Would like to make sure we cover devices that are not really in the mobile > space (like power grid meters, switches, etc) > > All the power grid meters and switches I have seen are servers, not a device > the user is using to log in with. > > > > > > define profiles and support features intended to enable OpenID to be > > used at levels of assurance higher than NIST SP800-63 v2 level 1 , > Define profiles and support features intended to enable OpenID to be used at > least 1 level of assurance higher than NIST SP800-63 v2 level 1. > > Want to make sure we set a goal that may be reachable but not to go after the > highest level and fail. > > word smithing ... > >
_______________________________________________ specs mailing list [email protected] http://lists.openid.net/mailman/listinfo/openid-specs
