[OpenID] Scheme in OP-Local ID
Martin Atkins
mart at degeneration.co.uk
Sat Sep 8 16:52:33 UTC 2007
Jack wrote:
>
> The user enters "usersblog.example.com" in the RPs login form, and is
> then asked to confirm they want to authenticate as
> http://user.provider.net/". At least, this is what happens with
> myopenid.com - I'm not sure why they don't ask me to confirm my claimed_id.
>
The OP is free to call the user identity whatever it likes in its UI.
For example, LiveJournal could reasonably look at one of its own URLs
like http://frank.livejournal.com/ and refer to the user as "frank".
In version 1.1 of OpenID, which is what is widely deployed today, the OP
wasn't actually ever sent the claimed_id. The thinking behind this was
that OPs would then be unable to "tell" that they are being delegated
to, and thus can't make delegation a premium service or whatever.
However, as you've almost certainly seen, the claimed_id is now included
in the OpenID 2.0 authentication requests in order to support some new
features in 2.0, and so OPs could now start to use the claimed_id in
their UI if they wish -- particularly in the XRI case you noted.
More information about the general
mailing list