- From: Virginia Balseiro <info@virginiabalseiro.com>
- Date: Tue, 22 Apr 2025 15:30:55 +0000
- To: public-solid@w3.org
Hi all, I want to ask a potentially silly question about Solid-OIDC :) AFAICT, with static registration, clients need to be very aware of IDPs, registering themselves statically (read: manually) on a particular "broker" service. This means it is not particularly scalable for a decentralized ecosystem. Dynamic client registration is perhaps more suitable for a decentralized ecosystem, but the benefits in terms of security seem marginal since any client can register themselves dynamically. In addition, there have been conversations (and there might have been implementations) about potential restrictions of certain operations and/or certain resources to particular clients means that users will need to contact / request their RP / service providers to allow a certain application that they prefer / trust. These approaches sound for sure very secure, but doesn't seem to align to the promise of individuals having the "autonomy" that Solid is supposed to offer. I may have misunderstood some of the technical details but it seems to me (Solid-)OIDC's model isn't particularly fitting for Solid. My question is, how would this be reasonably usable and scalable in a decentralized / open ecosystem? Cheers, Virginia https://virginiabalseiro.com/#me
Received on Tuesday, 22 April 2025 15:31:07 UTC