OpenID Authentication 2.0 Pre-Draft 11 (Take 4)
Recordon, David
drecordon at verisign.com
Mon Nov 20 02:41:00 UTC 2006
Updated pre-draft with the following changes from Take 3 which I posted
on the 7th.
--David
- Be a little more verbose when describing what the RP does to verify
the assertion in the protocol overview.
- Mainly wording cleanups from going through the spec with Brad
Fitzpatrick
- Additional clarification on optional openid.identity request
parameter
- DH-SHA* refers to association session type, not association type
- Association should refer to 'session type'; (e.g. the IdP may be able
and willing to support HMAC-SHA1 associations, but not 'no-encryption'
sessions)
- Request changed to response; response_nonce only appears in
authentication response messages
- Better reference Yadis
- Namespace field required in all messages
- Renamed 'Identity Provider' to 'OpenID Provider' (IdP -> OP)
- Wording edits from Drummond Reed
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-specs/attachments/20061119/06e7ef27/attachment-0002.html>
More information about the specs
mailing list