27 messages in net.openid.general: [OpenID] XRDS multi-OP listing?
Subject: [OpenID] XRDS multi-OP listing?
From: SitG Admin (sysa@shadowsinthegarden.com)
Date: Jun 7, 2008 9:22:09 pm
List: net.openid.general

There is little to no ROI from an RP perspective. If anything, I want to go the other way and only allow certain trusted OP's, not open the door for the user to not only use multiple OP's, but pick a different one at random each time. The risk is slightly higher.

I'm not clear on how you're using "random" here. Is the XRDS so constrained in its current format that any string which matches a URL pattern will be treated as an OP? Could the user not, for instance, add a list of OP's identified in such a way as to only be recognized as valid OP's if the RP had written a library to specifically seek them out? Will the RP be forced to select one of those OP's *at random* if more than one is present?

Other than that it's simply a trust issue. Just because we don't know WHY a user went with this OP over that one on a given occasion, doesn't mean it's random! Indeed, one might argue that it's none of our business why the user picked one over another. All we need to do is ask for (PAPE) verification that the OP our user selected can meet our demands for authentication. If it can't, we explain this to the user and ask them to pick another one.

Trust of the OP's is not just our decision as Relying Parties, but the user's as well.

-Shade
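
The two checks discussed in this message, sketched as an added example that is not part of the original post: an RP takes the OPs a user lists in XRDS in the user's priority order, keeps only those on its own trust list, and then checks the PAPE response for the policy it requires. The host names and function names are hypothetical, and the assertion's signature is assumed to have been verified already.

```python
import xml.etree.ElementTree as ET  # for untrusted XRDS, a hardened parser is preferable

XRD = "{xri://$xrd*($v*2.0)}"
SIGNON = "http://specs.openid.net/auth/2.0/signon"
PAPE_NS = "http://specs.openid.net/extensions/pape/1.0"
MULTI_FACTOR = "http://schemas.openid.net/pape/policies/2007/06/multi-factor"

# Constructed sample: a user's XRDS listing two OPs (hypothetical hosts).
SAMPLE_XRDS = """<xrds:XRDS xmlns:xrds="xri://$xrds" xmlns="xri://$xrd*($v*2.0)">
 <XRD>
  <Service priority="20"><Type>http://specs.openid.net/auth/2.0/signon</Type>
   <URI>https://op-b.example/endpoint</URI></Service>
  <Service priority="10"><Type>http://specs.openid.net/auth/2.0/signon</Type>
   <URI>https://op-a.example/endpoint</URI></Service>
 </XRD>
</xrds:XRDS>"""

def candidate_ops(xrds_text, rp_trusted):
    """User's OPs in the user's priority order, limited to those the RP trusts."""
    found = []
    for svc in ET.fromstring(xrds_text).iter(XRD + "Service"):
        types = [t.text.strip() for t in svc.findall(XRD + "Type") if t.text]
        if SIGNON not in types:
            continue
        # Lower number = higher priority; a missing attribute sorts last.
        prio = int(svc.get("priority")) if svc.get("priority") else float("inf")
        for uri in svc.findall(XRD + "URI"):
            found.append((prio, uri.text.strip()))
    # Equal priorities fall back to URI order here, so the choice is deterministic.
    return [u for _, u in sorted(found) if u in rp_trusted]

def pape_satisfied(assertion, required):
    """assertion: dict of openid.* fields from a positive assertion whose
    signature the RP has ALREADY verified (verification is out of scope here)."""
    alias = next((k[len("openid.ns."):] for k, v in assertion.items()
                  if k.startswith("openid.ns.") and v == PAPE_NS), None)
    if alias is None:
        return False  # OP did not answer the PAPE request
    signed = assertion.get("openid.signed", "").split(",")
    if alias + ".auth_policies" not in signed:
        return False  # unsigned PAPE fields could have been added in transit
    policies = assertion.get("openid." + alias + ".auth_policies", "").split()
    return set(required) <= set(policies)
```

A `False` from `pape_satisfied` is the point at which the RP would explain the requirement and offer the next entry from `candidate_ops`. The PAPE value remains the OP's own statement, so it only carries weight for OPs the RP already trusts.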