<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
  <head>
    <meta content="text/html; charset=ISO-8859-1"
      http-equiv="Content-Type">
  </head>
  <body bgcolor="#ffffff" text="#000000">
    <font face="Helvetica, Arial, sans-serif">Hi John,<br>
      <br>
      I'm fine with the discovery spec defining the endpoints.. I was
      thinking specifically of something like /userinfo, like the OAuth2
      spec defines /authorize and /token path portions of the endpoint.
      Do we want that part variable on an implementation by
      implementation basis?<br>
      <br>
      Thanks,<br>
      George<br>
    </font><br>
    On 7/1/11 6:39 PM, John Bradley wrote:
    <blockquote
      cite="mid:F421D5D7-ED0B-4936-9398-1288530A7A43@ve7jtb.com"
      type="cite">I think it is better to leave the path to the IdP.  
      The discovery document for the IdP will list the endpoint URL.
      <div><br>
      </div>
      <div>I would not assume that the host is necessarily the same as
        the token or other endpoints.</div>
      <div><br>
      </div>
      <div>John B.<br>
        <div>
          <div>On 2011-07-01, at 6:28 PM, George Fletcher wrote:</div>
          <br class="Apple-interchange-newline">
          <blockquote type="cite">
            <div bgcolor="#ffffff" text="#000000"> <font
                face="Helvetica, Arial, sans-serif">Hi,<br>
                <br>
                I updated the text regarding the UserInfo request to say
                that it is an OAuth2 protected resource supporting the
                Bearer Token spec. I also changed the SHOULD to a MUST
                in the response text requiring the JSON object to
                compile with the specified schema if the schema
                parameter requests "openid". Also did some clean ups in
                the referenced specs information.<br>
                <br>
                One thing I just noticed is that we don't specify the
                path of the UserInfo endpoint. Do we want to do so?<br>
                <br>
                Thanks,<br>
                George</font> </div>
            <span><openid-connect-userinfo-1_0.html></span>_______________________________________________<br>
            Openid-specs-ab mailing list<br>
            <a moz-do-not-send="true"
              href="mailto:Openid-specs-ab@lists.openid.net">Openid-specs-ab@lists.openid.net</a><br>
            <a class="moz-txt-link-freetext" href="http://lists.openid.net/mailman/listinfo/openid-specs-ab">http://lists.openid.net/mailman/listinfo/openid-specs-ab</a><br>
          </blockquote>
        </div>
        <br>
      </div>
    </blockquote>
    <br>
    <pre class="moz-signature" cols="72">-- 
Chief Architect                   AIM:  gffletch
Identity Services Engineering     Work: <a class="moz-txt-link-abbreviated" href="mailto:george.fletcher@teamaol.com">george.fletcher@teamaol.com</a>
AOL Inc.                          Home: <a class="moz-txt-link-abbreviated" href="mailto:gffletch@aol.com">gffletch@aol.com</a>
Mobile: +1-703-462-3494           Blog: <a class="moz-txt-link-freetext" href="http://practicalid.blogspot.com">http://practicalid.blogspot.com</a>
Office: +1-703-265-2544           Twitter: <a class="moz-txt-link-freetext" href="http://twitter.com/gffletch">http://twitter.com/gffletch</a>
</pre>
  </body>
</html>