SREG 1.1 Request parameters
Enis Soztutar
enis.soz.nutch at gmail.com
Fri Feb 22 08:29:46 UTC 2008
Well, I have not thought about the OP to ask the user to pass the data
to the RP leveraging required/optional fields information. Thanks for
the clarification.
Martin Atkins wrote:
> Enis Soztutar wrote:
>
>> As far as I understand, the distinction between sreg.required and
>> sreg.optional is entirely in the responsibility of the consumer and
>> there is not reason for the protocol to include this arbitrary division.
>> An OP implementation will just merge the two fields and try to fill them
>> as much as it can.
>>
>>
>
>
> This distinction is made to avoid the following flow, which isn't very
> user-friendly:
>
> 1. RP sends user to OP with a request for email address.
> 2. OP asks user whether or not to send email address.
> 3. User elects not to send email address.
> 4. RP then says "We can't let you register without an email address.
> Type one in here."
> 5. User elects to supply an email address after all, but now has no
> assistance from the OP to complete this field.
>
> By having the optional/required distinction, in step two the OP can say
> something like "The RP may not allow you to log in without this
> information". This means that the user can make the decision in step 3
> with the knowledge that it probably won't succeed, or he can make the
> decision in step 5 a few steps earlier and get assistance from the OP to
> enter the email address.
>
> It's only a very subtle distinction, but it is important so that the OP
> can explain the situation to the user at the right point in the transaction.
>
> _______________________________________________
> specs mailing list
> specs at openid.net
> http://openid.net/mailman/listinfo/specs
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-specs/attachments/20080222/6063f257/attachment-0001.htm>
More information about the specs
mailing list