Anyone seen xauth.org?
Allen Tom
atom at yahoo-inc.com
Mon Apr 19 19:35:16 UTC 2010
Hi Chris,
Yes, XAuth can provide the same functionality as x-has-session, but using a
centralized service, so that RPs can make a single call to Xauth, rather
than multiple simultaneous calls to all the potential OPs.
The Xauth call is cachable (little to no latency), since the Xauth JS should
already be cached by the user's browser, and the flag indicating the user's
login status is stored in the browser's local storage.
Xauth is very similar to the Central Discovery Service proposal:
http://sites.google.com/site/oauthgoog/UXFedLogin/central-discovery-service
The biggest open issue is determining who and how the xauth.org service will
be administered.
Allen
On 4/19/10 11:08 AM, "Chris Obdam" <chris.obdam at holder.nl> wrote:
> Looks the same as x-has-session but then locally? Maybe i've missed the
> conversation?
>
> Cheers,
>
> Chris
>
> _______________________________________________
> specs mailing list
> specs at lists.openid.net
> http://lists.openid.net/mailman/listinfo/openid-specs
More information about the specs
mailing list