[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: CanonicalID in XrdOne/TrustWorkflowByExample
I am breaking up the threads into relevant topics. I think the CanonicalID should be a Cool URI (or persistent XRI), and not just a regular URI (Domain name). It is the CA's reponsibility that this Cool URI will never be reassigned to another Subject. It should be unique over the time: It must not point different Subject over the time. This is important for the OpenID usecase. In OpenID 2.0, it is the authentication service that assigns the cool uri, but it does not work in the delegation scenario. It should really be the XRD that assigns the unique identifier. -- Nat Sakimura (=nat) Nomura Research Institute, Ltd. XDI.ORG Vice Chair
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]