Backwards compatibility
Dick Hardt
dick at sxip.com
Mon Sep 25 10:44:54 UTC 2006
If we are maintaining message compatibility, then we likely need to
back out a number of the changes in D9
(if we do not have to maintain 100% compatibility, then we should
address any issues in this spec)
Going through the changes at http://www.lifewiki.net/openid/
OpenIDChanges and grouped by issues for OpenID 1.1 IdP and OpenID 1.1
RP.
XRI support and Yadis support:
IdP: since this stage of the protocol is prior to any messages, no
issue
RP: will not know how to process an iname nor a Yadis file
IdP-driven identifier:
IdP: Clearly an OpenID 1.1 IdP will not be able to support this
RP: will not know how to process
Optional Identifier
IdP: will not understand it being blank
RP: no issue
HTML Form-Based Redirection
IdP: 1.1 spec says that it is a GET, this breaks the protocol
RP: will be sending everything as a GET
New Associations
IdP/RP: this feature is negotiated in Yadis file, so compatible - no
issue
Extensions
IdP/RP: negotiated feature, so no issue
Nonce and TIme stamp
IdP: will not generate
RP: spec says that it is required, 2.0 RP will not get it from a 1.1
IdP, so would fail according to spec
URI Normalization
no issue
New Field Name
RP specific, no issue
Base Namespace
IdP/RP: 1.1 will not understand, behaviour for unknown parameters
not specified in 1.1 draft
On 22-Sep-06, at 11:01 AM, Recordon, David wrote:
> Like Josh, I believe it is important to maintain number 1.
>
> My intention would be that someone could read OpenID Authentication
> 2.0,
> never having read 1.1, implement a library, and have it work with an
> implementation from someone who has only read 1.1 and not 2.0. This
> means that in 2.0 we need to both continue making the conscious effort
> to only change what is required, as well as to mark things which have
> been deprecated though are still required in implementations for
> backwards compatibility. While I agree that the number of deployments
> is relatively small, we should do everything possible to maintain
> compatibility with them.
>
> --David
>
> -----Original Message-----
> From: specs-bounces at openid.net [mailto:specs-bounces at openid.net] On
> Behalf Of Josh Hoyt
> Sent: Wednesday, September 20, 2006 1:31 PM
> To: specs at openid.net
> Subject: Backwards compatibility
>
> When making and evaluating proposals, there have been many
> references to
> backwards compatibility. I'm not sure that everyone has the same idea
> what it means to be backwards compatible.
>
> There are at least two meanings that I can see:
>
> 1. Messages that are valid OpenID 2.0 messages are also valid OpenID
> 1.1 messages
>
> 2. It is possible for implementations to differentiate between OpenID
> 1.1 and 2.0 and to construct appropriate messages. In essence, it's a
> different protocol.
>
> I've been focused on maintaining (1). How do you see it?
>
> Josh
> _______________________________________________
> specs mailing list
> specs at openid.net
> http://openid.net/mailman/listinfo/specs
>
> _______________________________________________
> specs mailing list
> specs at openid.net
> http://openid.net/mailman/listinfo/specs
>
>
More information about the specs
mailing list