This assertion is used by the Relying Party as a claimed identity for verifying the session authentication.
The security limitations in an OpenID communication environment for users' online authentication are the malicious Relying Party that redirects the user to wrong or fake websites, considered as a phishing attack, and hackers hijacking the valid user session that is still an issue in this field [3].
Relying Party (RP): a Web application that wants proof that the end user controls an Identifier.
OpenID Provider (IDP): an OpenID Authentication server on which a Relying Party relies for an assertion that the end user controls an Identifier.
This process consists of a user, an identity provider (IDP), and a
relying party (RP) which operates as follows.
These will normally extend beyond
relying party losses and encompass some of the certification-service-provider's own risks.
(50) In Ben-Shahar's no-retraction regime, a disappointed
relying party can always threaten credibly to impose liability for her reliance damages upon a faithless suitor who walks away from the negotiations following the reliance.
That is, the subject should be able to get an assertion from a variety of authorities and present these assertions to the
relying party. As long as the
relying party trusts the authority to make such assertions about that particular subject, then there is no need for any of the components to use the same products or even be under the administrative control of the same organization.
Clearly, however, reliance is unjustified when the
relying party is negligent.
Federation operators and their respective
relying party members will leverage IAF assessments performed by Liberty Alliance accredited assessors to determine the credential-based identity services they are willing to trust.
A digital signature entails using a specific technology called public key infrastructure (PKI), which generally involves a certificate authority, registration authority, subscriber, and a
relying party. Very simply described, a PKI works as follows: