Difference between 1.0 and 1.1

John Ehn john at extremeswank.com
Wed Mar 12 16:54:22 UTC 2008


On 3/12/08, techtonik <techtonik at php.net> wrote:
>
> So, if I understand correctly there is no way for consumer to detect which
> version - 1.0 or 1.1 is used in HTML delegation case, because delegation
> tags are the same, i.e.
>
> <link rel="openid.server" href="
> http://www.livejournal.com/openid/server.bml">
> <link rel="openid.delegate" href="http://exampleuser.livejournal.com/">
> so in my case Drupal consumer decides that either 1.0 or 1.1 version of
> specification is used and makes a request to OpenID server with openid.nsset to either "
> http://openid.net/signon/1.1" or "http://openid.net/signon/1.0". But 1.1OpenID server doesn't know anything about
> openid.ns, because it was added only in 2.0  Therefore server fails to
> authenticate and this should be considered a bug in consumer, which should
> not send openid.ns at all. If everything above is right then where is the
> logic and what are the reasons for consumer to send openid.ns="
> http://openid.net/signon/1.1" at all?
>
> Thank you.



Just to add my 2 cents, that namespace was introduced so you can discover an
OpenID Server using XRI.  That would be in the XRDS document to advertise
that the OpenID Server supported a specific version of the spec.  Since
OpenID 2.0 incorporates the XRI feature (which was a sort of "third-party
add-on" to the OpenID 1.x spec), that namespace is still used.

But, like James said, you shouldn't use openid.ns with 2.0 anyway.

Thanks,

John Ehn
extremeswank.com
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-specs/attachments/20080312/3f2a0c1d/attachment-0002.htm>


More information about the specs mailing list