concerns about each user having a unique "URL"
Peter Watkins
peterw at tux.org
Wed Nov 8 22:17:38 UTC 2006
Rowan Kerr wrote:
> On 11/2/06, Peter Watkins <peterw at tux.org> wrote:
>> To me it would seem an improvement for OpenID to
>> - not require an individual's unique URL/iName, but also accept a
>> URL that only uniquely identifies the Identity Provider (id.plumbers.co)
>
> It was my understanding that this was possible as outlined in Section
> 10.1 for openid.identity:
> Note: If this is set to the special value
> "http://openid.net/identifier_select/2.0", the IdP MAY choose an
> identifier that belongs to the End User.
That's the "request parameters" section, right? This suggests to me that
the Relying Party would have to use this special value in order for the
IdP to be able to return a different identifier in the openid.identity
*response* than the user entered as the claimed identifier.
How many OpenID RP packages support such requests?
How many send such requests by default?
Why not require OpenID 2.0 Relying Parties to use this feature, and then
update the rest of the 2.0 spec to make it more apparent that the
user-entered string could be any of
- a unique iName
- a unique OpenID URL
- the URL of an OpenID 2.0 Identity Provider
-Peter
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 191 bytes
Desc: OpenPGP digital signature
URL: <http://lists.openid.net/pipermail/openid-general/attachments/20061108/78250d90/attachment-0002.pgp>
More information about the general
mailing list