[OpenID] OpenID provider with gibberish identity URLs to avoidnickname change issues
Johnny Bufu
johnny at sxip.com
Wed May 30 17:24:14 UTC 2007
On 30-May-07, at 10:09 AM, Rowan Kerr wrote:
> On 30-May-07, at 11:26 AM, Recordon, David wrote:
>>> What part of the spec prevents it? I don't see anywhere that says
>>> the Verified Identifier must be the same as the Claimed Identifier.
>>
>> This is my opinion as well with OpenID 1.1, though in practice we
>> found
>> it not to work very well.
>
> So, if the libraries support it :) then it could be a valid strategy
> for OPs...
Because in OpenID 1.1 there is only openid.identity in the auth
response (no openid.claimed_id), you can only have two from the
triplet (delegation, stateless mode, different identifier) in a
consistent way.
Since the first two are specified, it can reasoned that the last one
is not officially supported, (it may work sometimes, but not
guaranteed or specified how).
Johnny
More information about the general
mailing list