SREG's Privacy Policy URL

Allen Tom atom at yahoo-inc.com
Tue Jun 2 17:55:55 UTC 2009


Hi Luke,

Yes, this is what we're looking for. Currently, in OpenID, the only way 
for the RP to link to its privacy policy (which is sort of like linking 
to its ToS) is by passing it in the openid.sreg.policy_url parameter 
using SREG.

Since we're trying to deprecate SREG, we can try to move this parameter 
to either the UI or AX Extension, or move it into Discovery.

Is there an actual Discovery spec?

Allen


Luke Shepard wrote:
> FWIW, Facebook Connect allows relying parties to define a "terms of 
> service" url. We then show that link to users when they click on it. 
> With OpenID, the equivalent URL would be set using relying party 
> discovery. Is this more or less what you're looking for?
>
> Screenshot:
>
>
>
>
> On 6/2/09 10:21 AM, "Allen Tom" <atom at yahoo-inc.com> wrote:
>
>
>     Alternatively, the RP could publish its privacy policy in its
>     discovery
>     document, which does make a lot of sense, but I understand that
>     there's
>     a lot of work going on to define the next generation of discovery, and
>     I'm not quite sure what the timeframe is for that.
>

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-specs/attachments/20090602/461bb38d/attachment.htm>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: image/png
Size: 65671 bytes
Desc: not available
URL: <http://lists.openid.net/pipermail/openid-specs/attachments/20090602/461bb38d/attachment-0002.png>


More information about the specs mailing list