RE: Centralization dangers of applying OpenID Connect to wallets protocols (was: Re: 2022-2026 Verifiable Data Standards Roadmap [DRAFT])

Rather than encouraging centralization, OpenID Connect was explicitly designed to give people choice of their identity providers (including being able to be their own identity provider – which is true of both SIOP v1 and SIOP v2). In particular, https://openid.net/specs/openid-connect-discovery-1_0.html#IssuerDiscovery describes a way to facilitate that user choice.  That some RPs didn't facilitate that choice enabled by OpenID Connect isn't a valid reason to criticize either the OpenID Connect protocol or the community behind it.

                                                       -- Mike

Received on Friday, 25 March 2022 15:34:04 UTC