Open ID SUM

Please add comments towards an OpenID SUM

Purpose: To out line the process and elements involved in OpenID 1.0 identity and authentication. This SUM may be compared with other identity and access management SUMs.

References

•  http://www.identityblog.com/

•  http://openid.net/wiki/index.php/Introduction

•  http://openid.net/about.bml

•  http://en.wikipedia.org/wiki/OpenID

• uses Diffie-Hellman key agreement for exchange of shared IdP and RP secret rfc2631

• HMAC

• SHA1

---

Comments:

Hi Simon, this is a great piece of work and I've found it very useful. A minor piece of feedback - in the usage scenarios section, the example has the relying party communicating with the IdP without the user's knowledge. My understanding is that this will not always be the case and depends on the communication mode used (eg. checkid_immediate or checkid_setup). It may be a good idea to clarify that although the use-case is executed in this way, it is also possible for the user to be involved in the process. Regards, Owen