Jon Warbrick wrote:
> Mind you, given a working Shib IdP it shouldn't be too hard to create a
> OpenID IdP that used the same authentication credentials, or even that
> used the Shib IdP directly.
True. For interest, I'm involved with a 6-month JISC study into
OpenID being undertaken by EDINA and David Chadwick's group at
the University of Kent. ProtectNetwork, <http://www.protectnetwork.org/>,
already have an open-access IdP in the UK federation that automatically
makes accounts usable as OpenIDs as well in the way that you suggest.
We're not sure that the world really needs a proliferation of new
(institutional) OpenID _Providers_. Given the user-centric rather
than organisation-centric nature of OpenID, we're intending to
look at making a "bridge" IdP in the UK federation that accepts
existing personal OpenIDs and maps them to federation ePPN/ePTIs,
similar in concept to the existing open-access TypeKey Bridge,
<http://www.ukfederation.org.uk/content/Documents/TypeKeyIdentityBridge>
This bridge would use the Shib IdP software directly as you suggest.
Cheers,
Fiona.
|