[OpenID] Where can I get a free i-name?
kevin at janrain.com
Fri Jan 12 20:35:16 UTC 2007
On Fri, 2007-01-12 at 22:20 +0200, Dmitry Shechtman wrote:
> Brad Topliff wrote:
> > I can't speak to whether or not this is how the libraries generally handle
> > XRI's but since I have seen it work *correctly* before, I have to assume
> > it is an implementation issue.
> Being a developer, I can confirm this assumption.
> This is clearly a bug in all JanRain libraries I'm aware of. It is hopefully
> to be fixed in the upcoming versions. JanRain devs, are you listening?
Notabug! Feature! i.e. specification conformance! I quote from
XRI and the CanonicalID Element
When the identifier is an XRI, the <xrd:XRD> element that
contains the OpenID Authentication <xrd:Service> element MUST
also contain a <CanonicalID> element. The content of this
element MUST be used as the Claimed Identifier (see Section
11.4(Identifying the end user)). This is a vital security
consideration because a primary purpose of the <CanonicalID>
element is to assert a persistent identifier that will never be
reassigned, thus preventing the possibility of an XRI being
"taken over" by a new registrant.
kthx HTH HAND love,
- JanRain devs
More information about the general