OpenID Authentication 2.0 Pre-Draft 11 (Take 4)

Recordon, David drecordon at verisign.com
Mon Nov 20 02:41:00 UTC 2006


Updated pre-draft with the following changes from Take 3 which I posted
on the 7th.

--David

 - Be a little more verbose when describing what the RP does to verify
the assertion in the protocol overview.
 - Mainly wording cleanups from going through the spec with Brad
Fitzpatrick
 - Additional clarification on optional openid.identity request
parameter
 - DH-SHA* refers to association session type, not association type
 - Association should refer to 'session type'; (e.g. the IdP may be able
and willing to support HMAC-SHA1 associations, but not 'no-encryption'
sessions)
 - Request changed to response; response_nonce only appears in
authentication response messages
 - Better reference Yadis
 - Namespace field required in all messages
 - Renamed 'Identity Provider' to 'OpenID Provider' (IdP -> OP)
 - Wording edits from Drummond Reed
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-specs/attachments/20061119/06e7ef27/attachment-0002.html>


More information about the specs mailing list