[OTDev] Authentication and authorisation for OpenTox REST services

Andreas Maunz andreas at maunz.de
Wed Sep 30 10:55:34 CEST 2009


Nina Jeliazkova wrote:
> Hi Andreas,
> 
> Andreas Maunz wrote:
>> Hi Nina and all,
>>
>> Nina Jeliazkova wrote:
>>   
>>> Current status :
>>>
>>>     * Own (minimal) implementation of AA for some services (NTUA, IDEA
>>>       – HTTP Basic for dataset POST, others?)
>>>     
>> All: correct me if I am wrong, but I guess there is virtually no AA 
>> implemented in any individual partner service.
>>   
> Correct, there are attempts to protect some resources from
> spammers/incident writing by HTTP Basic, but that should not be
> considered anywhere near AA.
Which is also a good thing, in that we can choose freely between 
candidate technologies.

>>> Options:
>>>
>>>     * Centralized service providing Identity
>>>     * Federated AA
>>>     
>> I am in favor of a centralized service:
>> - could be a service (later also paid service) that we offer to the 
>> community.
>> - will be easy to maintain by a single party (Accounts are most often 
>> created only once and then just used).
>>
>>   
>>> Technologies to consider (the list is not complete!) :
>>>     * HTTP Basic + SSL
>>>     * HTTP Digest
>>>     * OpenID
>>>     * OpenAuth
>>>     * Google OAuth & Federated Login  
>>>       http://sites.google.com/site/oauthgoog
>>>       <http://sites.google.com/site/oauthgoog/Overlap>
>>>     * FOAF + SSL (pretty new)  http://esw.w3.org/topic/foaf+ssl
>>>     * SAML
>>>     
>> Personally I would give FOAF + SSL a try, due to its integration with REST.
>>   
> Do you have any experience with FOAF+SSL in this context, and what is the
> support on the different platforms used by partners?
Not specifically with FOAF+SSL. But I have some experience with SSL 
certificates and would be willing to get into the topic.

Best regards
Andreas


