[Openid-specs-ab] display_identifier handling in OpenID 2.0 to OpenID Connect Migration

Nat Sakimura sakimura at gmail.com
Thu Aug 28 13:26:37 UTC 2014


I meant that. Perhaps we can add a clarifying phrase. 

Nov's question however is about something different, I think. Buggy but popular OpenID 2.0 libraries are using OpenID.identity as the identifier that links asserted identity with the local account. These implementation will break with the current spec. The question is whether we should rescue them or not. 

=nat via iPhone

Aug 28, 2014 22:08、Markus Sabadello <markus.sabadello at gmail.com> のメッセージ:

> This has confused me as well when I read the spec.
> My sense is this spec should ignore openid.identity and just return openid.claimed_id = openid2_id.
> 
> Markus
> 
> 
> 
>> On Thu, Aug 28, 2014 at 4:53 AM, nov matake <nov at matake.jp> wrote:
>> OpenID 2.0 has 2 identifier, openid.claimed_id & openid.identity.
>> For historically reasons, some libraries/RPs are using openid.identity as user identifier, unfortunately.
>> 
>> Does this migration spec have plan to returning openid.identity? or just ignore such buggy libraries/RPs?
>> 
>> The biggest issue would be Y! inc & Y! Japan’s case.
>> They have fragment component only in openid.claimed_id.
>> _______________________________________________
>> Openid-specs-ab mailing list
>> Openid-specs-ab at lists.openid.net
>> http://lists.openid.net/mailman/listinfo/openid-specs-ab
> 
> _______________________________________________
> Openid-specs-ab mailing list
> Openid-specs-ab at lists.openid.net
> http://lists.openid.net/mailman/listinfo/openid-specs-ab
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-specs-ab/attachments/20140828/a2d80b74/attachment.html>


More information about the Openid-specs-ab mailing list