SREG's Privacy Policy URL
Allen Tom
atom at yahoo-inc.com
Tue Jun 2 17:55:55 UTC 2009
Hi Luke,
Yes, this is what we're looking for. Currently, in OpenID, the only way
for the RP to link to its privacy policy (which is sort of like linking
to its ToS) is by passing it in the openid.sreg.policy_url parameter
using SREG.
Since we're trying to deprecate SREG, we can try to move this parameter
to either the UI or AX Extension, or move it into Discovery.
Is there an actual Discovery spec?
Allen
Luke Shepard wrote:
> FWIW, Facebook Connect allows relying parties to define a "terms of
> service" url. We then show that link to users when they click on it.
> With OpenID, the equivalent URL would be set using relying party
> discovery. Is this more or less what you're looking for?
>
> Screenshot:
>
>
>
>
> On 6/2/09 10:21 AM, "Allen Tom" <atom at yahoo-inc.com> wrote:
>
>
> Alternatively, the RP could publish its privacy policy in its
> discovery
> document, which does make a lot of sense, but I understand that
> there's
> a lot of work going on to define the next generation of discovery, and
> I'm not quite sure what the timeframe is for that.
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-specs/attachments/20090602/461bb38d/attachment.htm>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: image/png
Size: 65671 bytes
Desc: not available
URL: <http://lists.openid.net/pipermail/openid-specs/attachments/20090602/461bb38d/attachment-0002.png>
More information about the specs
mailing list