[OpenID] Reconsidering http://openid different from https://openid

[Jack]

George Fletcher wrote:
> So, just to make sure I've got the best practices from this thread...
> 
> 
> 1. OPs: Support HTTPS and always redirect the http version to the
> https version

 From what I've read, that particular practice would be inconsistent with
some RPs, which apparently don't support HTTPS. This is such a nuisance;
surely a better way of putting it is that such RPs are inconsistent with
secure OpenID?

-- 
Jack Cleaver.