Tim Bray just bloggedabout openid.sun.com, which is an identity provider for Sunemployees only. Interesting! Though technically one would like to beable to do independent assertions about user centric identities ("worksfor Sun" being a reasonable assertion one could make about anyidentity). I suppose though that someone could use OP delegation topoint http://me.example.org to openid.sun.com and achieve part of thesame effect. And in the end you'll need to rely on something likeopenid.sun.com to validate assertions presumably.