[OpenID] HTML markup for discovery in OpenId 2.0

[Tony Locke]

Thanks for that Jack, I'll put the four separate <link> tags in to
support both versions.

I'm still not clear on why the server needs to be given on the claimed
id page. Can't the Relying Party just do discovery on the OP-Local
Identifier to find the OP Endpoint URL?

On 27/10/2007, Jack <jack at jackpot.uk.net> wrote:
> Tony Locke wrote:
> > Hi, apologies if this has been raised before, but I couldn't see
> > anything in the archives.
> >
> > The OpenId 2.0 specification is intended to be backwards compatible.
> > However in the latest draft (12), the recommended markup for HTML
> > discovery gives the 'rel' attribute in the 'link' element the values
> > 'openid2.provider openid.server' and 'openid2.local_id
> > openid.delegate'. In OpenId 1.x the values for 'rel' were simply
> > 'openid.server' and 'openid.delegate'.
> >
> > So to really be compatible with previous versions, the markup should
> > be the same as in OpenId 1.x. Can it be changed back to how it was?
> > In my experience with http://www.own-id.com/ if you stick to the
> > specification on this, you break compatibility with previous
> > versions.
> >
> > Come to think of it, I don't see why a link to the server is needed
> > at all. Can someone explain this to me?
>
> These link relations are used to determine what openid user and server
> should be the target of the protocol exchange initiated by the Relying
> Party. The RP needs to know against which server it should attempt
> authentication.
>
> By distinguishing between openid V1 and V2 servers, these relations
> allow the RP to request a protocol exchange that the server supports.
>
> You can put in <link rel="..."> tags for both versions, enabling a
> V1-only RP to select the V1 fields and rely on the V1 protocol, and a
> V2-supporting RP to select a V2 server and a V2 protocol exchange.
>
> HTH,
> --
> Jack.
>