Let me confirm a point. On #1, do you mean to enforce OpenID to control the identity-holders are permitted to access what kind of content or service on RP or provide some kind of help making RP's decision easier?
I feel it is natural for RP to do access-control be itself, but on the other hand, any information which describes what kind of person the accessing web-user is, will be welcome for RPs such as gender, age or any kind of attributes. McGovern, James F wrote: > Figured I would ask if anyone is interested in brainstorming the next > version of OpenID and how it can be used in Enterprise B2B settings and > not solely focusing on consumerish interactions. Some things that I > would like to see in the next version are: > > 1. A discussion on how AuthZ can converge with OpenID > 2. Modeling of relationships > 3. Not allowing an OpenID to be a vector for SQL Injection and putting > something around what it should look like > 4. A way to indicate to the relying party what level of authentication > has occurred such as did the OP check a password, how did it validate a > user. Without this, there is no way that a trust model could be > established in a credible way. > > 5. A way for OpenID relying parties to filter out Ops. In a business > scenario, if I run the Sun employee store, I may only want the Sun OP to > talk with me. > > > > ************************************************************************* > This communication, including attachments, is > for the exclusive use of addressee and may contain proprietary, > confidential and/or privileged information. If you are not the intended > recipient, any use, copying, disclosure, dissemination or distribution is > strictly prohibited. If you are not the intended recipient, please notify > the sender immediately by return e-mail, delete this communication and > destroy all copies. > ************************************************************************* > > > ------------------------------------------------------------------------ > > _______________________________________________ > specs mailing list > specs@openid.net > http://openid.net/mailman/listinfo/specs _______________________________________________ specs mailing list specs@openid.net http://openid.net/mailman/listinfo/specs