Comments on: OpenID is not a provisioning engine http://willnorris.com/2007/10/openid-is-not-a-provisioning-engine managing identity Wed, 08 Oct 2008 05:34:07 +0000 http://wordpress.org/?v=2.6.2 By: hCard is not a provisioning engine (for private data) http://willnorris.com/2007/10/openid-is-not-a-provisioning-engine#comment-14657 hCard is not a provisioning engine (for private data) Mon, 05 Nov 2007 23:30:00 +0000 http://willnorris.com/2007/10/openid-is-not-a-provisioning-engine#comment-14657 <p>[...] willnorris.com managing identities Skip to content AboutpgpProjectsWordPress YADIS/XRDS PluginWordPress OpenID PluginWordPress MicroID Pluginwp-xrdswpopenidArchives « OpenID is not a provisioning engine [...]</p> […] willnorris.com managing identities Skip to content AboutpgpProjectsWordPress YADIS/XRDS PluginWordPress OpenID PluginWordPress MicroID Pluginwp-xrdswpopenidArchives « OpenID is not a provisioning engine […]

]]> By: Danny Ayers http://willnorris.com/2007/10/openid-is-not-a-provisioning-engine#comment-14716 Danny Ayers Thu, 01 Nov 2007 09:46:37 +0000 http://willnorris.com/2007/10/openid-is-not-a-provisioning-engine#comment-14716 <p>For many years Semantic Web technologies have been weak on (distributed) authentication and the like, so it's quite funny to see the question "So what's the equivalent [of LDAP] in the decentralized OpenID world?".</p> <p>The decentralised OpenID world is the Web, and the Web of Data story is pretty well figured out with RDF (check the material around <a href="http://en.wikipedia.org/wiki/Linked_Data">Linked Data</a>). Specifically for the LDAP kind of situation, you'd probably want FOAF + vCard/RDF terms.</p> <p>Microformats like hCard are consistent with this, and can be directly interpreted as RDF using <a href="http://www.w3.org/TR/grddl-primer/">GRDDL</a>.</p> <p>(I forgot to mention there's now a foaf:openid property)</p> For many years Semantic Web technologies have been weak on (distributed) authentication and the like, so it’s quite funny to see the question “So what’s the equivalent [of LDAP] in the decentralized OpenID world?”.

The decentralised OpenID world is the Web, and the Web of Data story is pretty well figured out with RDF (check the material around Linked Data). Specifically for the LDAP kind of situation, you’d probably want FOAF + vCard/RDF terms.

Microformats like hCard are consistent with this, and can be directly interpreted as RDF using GRDDL.

(I forgot to mention there’s now a foaf:openid property)

]]> By: Chris Messina http://willnorris.com/2007/10/openid-is-not-a-provisioning-engine#comment-14420 Chris Messina Wed, 31 Oct 2007 04:39:12 +0000 http://willnorris.com/2007/10/openid-is-not-a-provisioning-engine#comment-14420 <p>Oh, and Will, it'd be awesome if you could put pressure on the OpenID spec folks to use vcard attributes for SREG!! ;)</p> Oh, and Will, it’d be awesome if you could put pressure on the OpenID spec folks to use vcard attributes for SREG!! ;)

]]> By: James Henstridge http://willnorris.com/2007/10/openid-is-not-a-provisioning-engine#comment-14398 James Henstridge Tue, 30 Oct 2007 13:40:27 +0000 http://willnorris.com/2007/10/openid-is-not-a-provisioning-engine#comment-14398 <p>The OpenID attribute exchange protocol does define a method for an OP to push changes out to RPs, so provided that part of the protocol is implemented the RP does not have to wait for the user to re-authenticate.</p> <p>While you might not be able to rely on this in the wild right now, you can in more controlled systems (e.g. using OpenID as a single sign-on system for a group of web sites).</p> The OpenID attribute exchange protocol does define a method for an OP to push changes out to RPs, so provided that part of the protocol is implemented the RP does not have to wait for the user to re-authenticate.

While you might not be able to rely on this in the wild right now, you can in more controlled systems (e.g. using OpenID as a single sign-on system for a group of web sites).

]]>