[OpenID] Wildcard realms and return URL verification discovery conflict

SitG Admin sysadmin at shadowsinthegarden.com
Wed Apr 8 06:02:02 UTC 2009

>But now consider Yahoo!, which performs the optional Return URL
>Verification step.  Per section 9.2.1 of the OpenID 2.0 spec, it will then
>attempt to perform discovery (for my RP's XRDS document) starting at

I have noticed this behavior, too (in a major OP other than Yahoo).

+1 to designing a solution for this into the spec.


More information about the general mailing list