OpenID/OAuth hybrid - discovery
Manger, James H
James.H.Manger at team.telstra.com
Tue Nov 25 02:29:47 UTC 2008
Breno,
> The fact that the OP indicates support for hybrid has nothing to do
> with directed identity, of whether or not they use the same XRDS file.
What is section "5 Discovery" for?
Is it supposed to allow an app (after finding a user's OP) to make additional requests to get the OP's metadata to see if it supports the hybrid protocol?
Learning just that an OP supports the hybrid protocol (without any indication of the associated protected resources) seems to be of minimal value.
James Manger
James.H.Manger at team.telstra.com
Identity and security team — Chief Technology Office — Telstra
More information about the specs
mailing list