errata: <xrd:Type> value for v1.1 and v1.0

Manger, James H James.H.Manger at team.telstra.com
Fri Jan 25 03:34:46 UTC 2008


Errata for OpenID Authentication 2.0 - Final
http://openid.net/specs/openid-authentication-2_0.html

The <xrd:Type> values that RPs SHOULD accept
for backward compatibility with 1.0 & 1.0 are confusing.
The 2.0 spec sometimes talks about …signon/1… URLs:
"http://openid.net/signon/1.0" and
"http://openid.net/signon/1.1".
At other points it talks about …server/1… URLs:
"http://openid.net/server/1.0" and
"http://openid.net/server/1.1".

§7.3.2.4 “OpenID Service Elements / Additional Information”
RECOMMENDs acceptance of the …signon/1… URLs as <xrd:Type> values.
§14.2.1 “Implementing OpenID Authentication 1.1 Compatibility / Relying Parties”
says RPs SHOULD accept the …server/1… URLs as <xrd:Type> values.
These two sections are incompatible.

My guess is that the …server/1… URLs are typos that should say
…signon/1….
ClaimID, for instance, uses the …signon/1… URLs.

I could put this on the errata page
http://wiki.openid.net/Errata_-_OpenID_2.0_Authentication
if someone confirms my guess that …server/1… is a typo.

P.S. The …signon… values are also mentioned as possible values of
openid.ns in §4.1.2 and §5.1.2.


More information about the specs mailing list