Login Federation
Brett Carter
brett at rdnzl.net
Tue Feb 19 04:56:35 UTC 2008
I think the img tag is the best solution. That way, the end user can
know if they were logged into a site or not. If the image shows up,
they logged in. Also, there's better support for mobile browsers, and
a bit more defense against fishing type attacks (the end user could
choose their image.)
-Brett
On Feb 18, 2008, at 1:03 PM, John Ehn wrote:
> Well, with some tweaking elsewhere. Hidden iframes are the
> smoothest way to do it.
>
> On 2/18/08, John Ehn <john at extremeswank.com> wrote:
> It was just an example. In theory, you could do it with an IMG or
> OBJECT tag.
>
>
> On 2/18/08, SignpostMarv Martin <signpostmarv.martin at slopenid.net>
> wrote:
> John Ehn wrote:
> > 5. Each site's iframe performs regular OpenID authentication using
> > the identity info already cached by the AX update receiver.
> >
> Doable without iframes ?
>
>
> _______________________________________________
> specs mailing list
> specs at openid.net
> http://openid.net/mailman/listinfo/specs
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-specs/attachments/20080218/318aec89/attachment-0002.htm>
More information about the specs
mailing list