[OpenID] PAPE and the Authentication Policies
Anders Feder
lists.anders at feder.dk
Sat Aug 9 16:52:45 UTC 2008
lør, 09 08 2008 kl. 16:22 +0200, skrev Christoph Eunicke:
> Do I get you right? If you want to do homebrew-OpenID, feel free to
> do
> so. No one else might understand you, but it is still standard-OpenID.
Definitely. As Andrew notes, there is little incentive to demand a
policy that no-one understands anyway, so everything maps out nicely.
Also, this inclination towards decentralization is in the spirit of
OpenID rather than against it.
> Why don't use the possibility to create an extension[1], that would be
> a
> more suited way, at least in my eyes..
With respect to interoperability, extensions are just like policies as
they both use URIs for keys. This is completely standard practice - XML
does it, RDF does it and some programming languages does it (more or
less - i.e. Java use domain names for namespacing).
Furthermore, policies are advertiesed in the XRDS document just like
extensions are.
Working as intended.
--
Anders Feder <lists.anders at feder.dk>
More information about the general
mailing list