- From: Kaliya <kaliya@mac.com>
- Date: Thu, 07 Oct 2010 08:30:33 +0100
- To: Harry Halpin <hhalpin@ibiblio.org>
- Cc: Dick Hardt <dick.hardt@gmail.com>, Mischa Tuffield <mischa.tuffield@garlik.com>, Paul Trevithick <ptrevithick@gmail.com>, public-xg-socialweb@w3.org
On Oct 7, 2010, at 8:02 AM, Harry Halpin wrote: > On Thu, Oct 7, 2010 at 8:00 AM, Dick Hardt <dick.hardt@gmail.com> > wrote: >> Defining an identity provider to authenticate the user limits >> >> >> On 2010-10-06, at 9:24 AM, Harry Halpin wrote: >>> >>> >>> A identity provider is a service (e.g. an OpenID identity provider) >>> that authenticates a person and provides a set of attributes about a >>> person to a third-party. >>> >>> Note that add of *authenticates* and being explicit about a >>> third-party. That OK? >>> >> >> Saw this phrase and potentially jumping in out of context. >> >> Requiring the IdP to authenticate the user restricts a class of >> IdP's that may be making only a claim about the user, but not >> authenticating them. > > How about "may" authenticate? Then we cover both bases. > > We focus mostly on authentication, keeping attributes and claims kinda > under the "profile" term, but yes, good point. Not all authentications move attributes. > >> >> -- Dick >
Received on Thursday, 7 October 2010 07:31:11 UTC