No subject


Wed Apr 8 00:30:30 UTC 2009


Connect's Single Sign Out behavior, where the RP's authentication
session appears to be tied to the user's Facebook browser session.
Aparently, logging out of either FB or any RP will log the user out of
all sites.<br>
<br>
Allen<br>
<br>
<br>
Luke Shepard wrote:
<blockquote cite="mid:C60204FD.29769%25lshepard at facebook.com"
 type="cite">
  <title>Re: [OpenID] &nbsp;What about Logout</title>
  <font face="Calibri, Verdana, Helvetica, Arial"><span
 style="font-size: 11pt;"><br>
  <br>
I think it would be relatively easy to add to the next spec. We could
add an additional mode or two - say, &#8220;logout_setup&#8221; or
&#8220;logout_immediate&#8221;. They would be behave the same as checkid_immediate
and checkid_setup, except in reverse &#8211; the RP must supply the correct
user credentials, and the OP can then log them out and return only
&#8220;success&#8221; or &#8220;failure&#8221;. <br>
  <br>
  </span></font></blockquote>
<br>
</body>
</html>

--------------070009080809000304090808--


More information about the general mailing list