Re: IdP API Text

As promised, here is the new text for the IdP API.

For your reading convenience, I have rendered this in ASCII.

-Ekr


NEW TYPE: RTCIdentityAssertion
...


Hi Ekr,

I understand this API intends to provide a generic model (sign/verify) to hide the variations of different identity protocols by using a JS proxy from the IdP.
However, I am not clear about these questions:

1)    What identity protocols are covered by this API? Will this API support all those listed in [1] (Section 4.1), or will it only support those that conform to its model? For example, WebID [2] doesn't seem to follow this sign/verify model.

2)    I don't remember returning a JS proxy being part of BrowserID or OAuth 2.0. Is this something we expect the IdP to add?

3)    The API assumes an IdP will sign an arbitrary message handed to it. I am not sure BrowserID or OAuth provides this function, as I remember they just sign their own tokens.

Maybe a mapping from the API to the concrete identity protocols it covers will help.

Thanks.
Li

[1] http://tools.ietf.org/html/draft-ietf-rtcweb-security-arch-03
[2] https://dvcs.w3.org/hg/WebID/raw-file/tip/spec/index-respec.html

Received on Thursday, 6 September 2012 20:25:11 UTC