errata: <xrd:Type> value for v1.1 and v1.0
Manger, James H
James.H.Manger at team.telstra.com
Fri Jan 25 03:34:46 UTC 2008
Errata for OpenID Authentication 2.0 - Final
http://openid.net/specs/openid-authentication-2_0.html
The <xrd:Type> values that RPs SHOULD accept
for backward compatibility with 1.0 & 1.0 are confusing.
The 2.0 spec sometimes talks about …signon/1… URLs:
"http://openid.net/signon/1.0" and
"http://openid.net/signon/1.1".
At other points it talks about …server/1… URLs:
"http://openid.net/server/1.0" and
"http://openid.net/server/1.1".
§7.3.2.4 “OpenID Service Elements / Additional Information”
RECOMMENDs acceptance of the …signon/1… URLs as <xrd:Type> values.
§14.2.1 “Implementing OpenID Authentication 1.1 Compatibility / Relying Parties”
says RPs SHOULD accept the …server/1… URLs as <xrd:Type> values.
These two sections are incompatible.
My guess is that the …server/1… URLs are typos that should say
…signon/1….
ClaimID, for instance, uses the …signon/1… URLs.
I could put this on the errata page
http://wiki.openid.net/Errata_-_OpenID_2.0_Authentication
if someone confirms my guess that …server/1… is a typo.
P.S. The …signon… values are also mentioned as possible values of
openid.ns in §4.1.2 and §5.1.2.
More information about the specs
mailing list