OpenID

OpenIDRenameTrustRootProposal

Original proposal: http://openid.net/pipermail/specs/2006-September/000018.html

Problem:

The name trust_root (8.2) has a specific meaning in PKI terms that is very different from what the parameter is being used for in OpenID. Realm is a term used in HTTP AUTH that reflects the OpenID usage.

Proposal:

Deprecate 'trust_root' and use 'realm'. Per Brad's message, also have the spec mention that the parameter is just for the IdP to tell the user, so that the user can decide to whitelist a whole realm prefix rather than each ugly return_to URL under it, and that it adds nothing to the security.