OpenID Auth 2.0 and user-agent neutrality (or, OpenID with REST/SOAP)

Johannes Ernst jernst+apache.org at netmesh.us
Sun Nov 19 05:46:26 UTC 2006


On Nov 18, 2006, at 15:34, John Kemp wrote:

>> OpenID 1.1 did not have a large payload. We expect the payloads to be
>> much larger with OpenID 2.0.
>
> I guess the payload size will vary according to the RP and IdP
> implementations, no?

Yes. And so far the only need for large payload sizes that I have  
seen relate to a still somewhat controversial spec that will only be  
implemented by less than 100% of all RPs and IdPs (how far less we  
can all guess).

Making something that has much broader appeal (auth) substantially  
more restrictive because of the needs of another spec, that uses it,  
and that may not even be implemented by everybody, sounds like an  
architectural no-no to me. The obvious workaround: if that additional  
spec only works with one of the several alternatives supported by the  
auth spec, make the additional spec require to use that particular  
mode (POST) only when it is used.

>> We will see if the JS requirement is an issue. I do not think it is
>> given what I know now.
>
> Well, admittedly, if no-one except me thinks that redirects should be
> supported in OpenID 2.0, then I certainly expect to lose that  
> argument ;)

This whole discussion sounds it's on the wrong foot to me in any  
case. From my perspective, something is seriously wrong with an URL- 
based protocol for authentication that works for one HTTP verb (POST)  
but not for any other.

So, John, you certainly aren't the only one who thinks this way.



Johannes Ernst
NetMesh Inc.


-------------- next part --------------
A non-text attachment was scrubbed...
Name: openid-relying-party-authenticated.gif
Type: image/gif
Size: 903 bytes
Desc: not available
URL: <http://lists.openid.net/pipermail/openid-specs/attachments/20061118/18901ecd/attachment-0004.gif>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: lid.gif
Type: image/gif
Size: 973 bytes
Desc: not available
URL: <http://lists.openid.net/pipermail/openid-specs/attachments/20061118/18901ecd/attachment-0005.gif>
-------------- next part --------------
  http://netmesh.info/jernst



More information about the specs mailing list