Connect spec updated

David Recordon recordond at gmail.com
Wed May 19 08:20:45 UTC 2010


Replying with "bullshit" isn't going to welcome anyone new into this
community. Please stop doing this; you've been asked many times.

Yes, we should increase the involvement of browser vendors and it's great
seeing the work that's happening around FireFox. I plan to track down that
team tomorrow and get a better understanding of what browser-based APIs
they're proposing and what information websites need to advertise to
browsers.

--David


On Wed, May 19, 2010 at 1:12 AM, Santosh Rajan <santrajan at gmail.com> wrote:

> HA! BullShit!
>
> You know what?. I am beginning to believe that we need get the browser
> vendors to the OpenID community. Yes Google and Microsoft are already here,
> but i don't think they are here in the capacity of "browser vendors". We
> also need the mozilla, opera, safari guys.
>
> And Mozilla has really been doing some good work in this area. Here is a
> link.
> https://wiki.mozilla.org/Labs/Weave/Identity/Account_Manager/Spec/Latest
>
> <https://wiki.mozilla.org/Labs/Weave/Identity/Account_Manager/Spec/Latest>
>
> On Wed, May 19, 2010 at 1:25 PM, David Recordon <recordond at gmail.com>wrote:
>
>> Coming out of some conversations at IIW today I've made some changes to
>> the proposal. Patch is attached, but they are:
>>  - Allow passing in `user_id` as a hint when not using immediate mode in
>> the request.
>>  - Continue to allow users to enter URLs, email addresses, and click
>> buttons but the returned user identifier must be a HTTPS URI.
>>  - Include the expiration time within the signature.
>>  - Clarify how you verify if the token endpoint is authoritative for a
>> given user identifier.
>>  - Simplify discovery by removing LRDD and using host-meta to determine
>> the server token endpoint on a per domain (or sub-domain) basis. We're
>> having a hard time finding use cases of running multiple different OpenID
>> servers per domain.
>>  - Remove the separate user info API endpoint and instead make the user
>> identifiers a protected resource. Fetch the user identifier with an access
>> token and it returns basic profile information as well as if the access
>> token was issued by that specific user.
>>
>> Thanks for all of the feedback and support both virtually and in person!
>> I'm planning to move this proposal into GitHub next week (and work with Eran
>> to actually format it like a spec) so that changes are easier to keep track
>> of.
>>
>> --David
>>
>> _______________________________________________
>> specs mailing list
>> specs at lists.openid.net
>> http://lists.openid.net/mailman/listinfo/openid-specs
>>
>>
>
>
> --
> http://hi.im/santosh
>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-specs/attachments/20100519/4182a4d7/attachment.htm>


More information about the specs mailing list