[sugar] XO identity shared via Browse
Benjamin M. Schwartz
bmschwar at fas.harvard.edu
Tue Dec 2 17:48:38 EST 2008
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Luke Faraone wrote:
> On Tue, Dec 2, 2008 at 17:29, Benjamin M. Schwartz <bmschwar at fas.harvard.edu
>> wrote:
>
>> You misunderstand our purpose. The immediate technical goal is to
>> authenticate that a given connection goes to a particular XO. The machine
>> itself then becomes the identifying token used to authenticate the
>> identity of the user.
>
>
> Unfortunately that will only work for web applications which are
> "sugar-aware"; the plus of openID is it's one standard, and everyone (soon)
> will support it.
This situation is confusing; perhaps Sebastian is right. OpenID 1.0
identities are URLs, so in order for the XO to be the identity provider,
it must have at least one guaranteed FQDN. The DNS system then provides
the authentication mechanism. If Scott is able to achieve his goal of One
Domain Name Per Laptop, then this seems entirely reasonable. We can run
an identity provider on the laptop as a trivial HTTP server.
If we cannot come up with a way to provide oersistent DNS (or for OpenID
2.0, even XRI) names for each laptop, then we cannot run the identity
providers on the laptops.
- --Ben
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.9 (GNU/Linux)
iEYEARECAAYFAkk1u0YACgkQUJT6e6HFtqQeYwCdHwKz11clxtT/YKKCVkCz/ZNi
G9wAnjojHcjUyWgkwy1wSzl6uQ+Uzuh0
=2nk7
-----END PGP SIGNATURE-----
More information about the Sugar
mailing list