Story Henry wrote: > But instead of requiring an Identity server we use > PGP asymmetric key cryptography to identify the User Agent Owner. A point of order: In this context, PGP stands for "Pretty Good Privacy". It is a particular implementation, albeit a groundbreaking one. GPG (http://gnupg.org/ ) is another. I don't want to be tied to an implementation when I can use standards. I see from Wikipedia (http://en.wikipedia.org/wiki/Pretty_Good_Privacy ) that the relevant standard for public-key cryptography is rfc4880 (http://tools.ietf.org/html/rfc4880 ) If this would be easier to implement for me over openId/OAuth depends on the availability of libraries. I haven't had time to look into this or the technical merits of the solution yet. AnthonyReceived on Tuesday, 1 April 2008 15:27:09 GMT
This archive was generated by hypermail 2.2.0+W3C-0.50 : Tuesday, 1 April 2008 15:27:14 GMT