C. Bergström wrote:
"OpenID at Work is a Sun Identity Provider of OpenID for Sun employees
and runs on Sun Java System Web Server 7.0. Using OpenID.sun.com, Sun
employees can seamlessly access any web site that leverages OpenID for
authentication purposes. The site is deployed on Sun Fire X2200 M2
servers running the Solaris 10 Operating System."
http://www.sun.com/bigadmin/features/articles/openid_web_server.jsp
I know it's pointless to argue with you, but I am curious which expert
deemed OpenID to not be trustworthy enough for this..
Of course, as Calum noted, openid.sun.com no longer exists.
As far as the technical issues with openid, it's security issues are
well known. It has been relatively successful precisely because it was
implemented with a limited set of goals in mind which allowed it to be
much simpler than competing, full-featured protocols.
As to why Sun would deploy openid.sun.com, it is easy to see that the
suitability of any particular identity protocol is a function of the
needs of the consumer of that protocol. That is, if a particular
service finds that openid provides the security it requires, then
there is certainly nothing wrong with it using it, and providing a
openid server for employees to use to sign on to that service makes
perfect sense. That doesn't mean that some other service must use
openid as well, if openid does not provide the needed attributes.
--
blu
It's bad civic hygiene to build technologies that could someday be
used to facilitate a police state. - Bruce Schneier
----------------------------------------------------------------------
Brian Utterback - Solaris RPE, Sun Microsystems, Inc.
Ph:877-259-7345, Em:brian.utterback-at-ess-you-enn-dot-kom
_______________________________________________
website-discuss mailing list
[email protected]
