[OpenID] Reconsidering http://openid different from https://openid
Johannes Ernst
jernst+openid.net at netmesh.us
Sat Sep 22 07:18:52 UTC 2007
On Sep 21, 2007, at 20:16, Dick Hardt wrote:
> I have a view that long term users will rarely if ever be directly
> managing their URLs.
....
> Note how modern browsers will get a user to http://www.amazon.com/
> even when the user only enters "amazon" in the address bar.
...
> Given that, I don't we need to make URLs easier for users to work
> with, and we need to ensure that we don't create a security hole
> with how we deal with different schemes and ports.
Well said. Users have been educated that that's what's happening with
URLs, and OpenID should behave no different.
Johannes Ernst
NetMesh Inc.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: openid-relying-party-authenticated.gif
Type: image/gif
Size: 903 bytes
Desc: not available
URL: <http://lists.openid.net/pipermail/openid-general/attachments/20070922/c3555b1d/attachment-0004.gif>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: lid.gif
Type: image/gif
Size: 973 bytes
Desc: not available
URL: <http://lists.openid.net/pipermail/openid-general/attachments/20070922/c3555b1d/attachment-0005.gif>
-------------- next part --------------
http://netmesh.info/jernst
More information about the general
mailing list