[OpenID] OpenId & Yadis Question
sappenin at gmail.com
Mon Feb 26 00:41:51 UTC 2007
> -----Original Message-----
> From: Lukas Rosenstock [mailto:inbox at lukasrosenstock.net]
> Sent: Sunday, February 25, 2007 4:44 PM
> To: David Fuelling
> Cc: yadis at lists.danga.com; general at openid.net
> Subject: Re: [OpenID] OpenId & Yadis Question
> > A.) Is this the proper way to do delegation? Above, gmail.com is
> > delegating
> > to sappenin.com.
> No, it would say that sappenin.com is your OpenID server.
> For delegation, there is the seperate openid:delegate-tag.
> > B.) If a client gets the Yadis doc above (after navigating to
> > MUST they (or SHOULD they) navigate to sappenin.com and try to perform
> > discovery again? If so, how many delegates are allowed? Not specified?
> There is only one step of delegation. The document at gmail.com must
> contain the OpenID-server in the URI tag so there is no need to do another
> Yadis discovery. Delegation is only a notification to the server to use
> another identifier instead of the one given by the user.
So, if the above Yadis doc were returned, but minus the opendid:delegate
element, then the RP would use https://sappenin.com/server.php as the OP
URL, but would still use http://sappenin.gmail.com as the OpenId(?)
Also, isn't the end-user allowed select the OpenId at the OP? If so, then
is the URL in the openid:delegate tag just a 'hint' to the OP? Or is it
required to be used?
More information about the general