[OpenID] Scheme in OP-Local ID
Johnny Bufu
johnny at sxip.com
Thu Sep 6 19:06:39 UTC 2007
On 6-Sep-07, at 11:51 AM, Jack wrote:
> * The claimed_id is the id the user enters into the openid login box,
No, that would be the User-supplied Identifier.
> and may be displayed as the "you are logged in as..." value by
> the RP.
That's the claimed_id, as defined in the terminology section
(normalized user-supplied id).
> As far as I can see, there is no other identifier (unless we start
> tangling with XRI). But in OpenID, the user's identifier is
> supposedly a
> URL. If the OP-local is ANY STRING, then the URL referred to must
> be the
> claimed_id. But the claimed_id is subject to normalisation, and
> need not
> be a valid URL _as entered_ (and as displayed by the RP).
This is an effect of your confusion above: the claimed_id is not
*subject to* normalization - it is the *result of* the normalization
applied on the user-supplied id.
> So (supposing your claimed_id is a URL, whether trimmed or complete),
> that MIGHT be case-insensitive with respect to the hostname, depending
> on how the RP works; and it MIGHT redirect http to https (if that's
> what
> the RP wants to do). Is that right?
The claimed_id has only one form - the normalized one.
Johnny
More information about the general
mailing list