[OpenID] SREG 1.x attributes
Andrew Arnott
andrewarnott at gmail.com
Tue Dec 2 01:23:04 UTC 2008
+1. Also, there's nothing stopping an unsolicited assertion from including
the AX response extension. It can include that as easily as an sreg
response extension.
--
Andrew Arnott
"I [may] not agree with what you have to say, but I'll defend to the death
your right to say it." - Voltaire
On Mon, Dec 1, 2008 at 4:56 PM, Dick Hardt <dick.hardt at gmail.com> wrote:
>
> On 1-Dec-08, at 4:37 PM, Martin Atkins wrote:
>
> > Peter Williams wrote:
> >> Here is a compromise: make it clear that both solicited and
> >> unsolicited responses to an auth can bear a ax etension ...
> >> alongside the sreg).
> >>
> >> Ax comes across as: ask for auth, get assertion (with sreg), now go
> >> back and ask for ax, get ax response (over association keys).
> >>
> >
> > Is that really what the AX spec describes? That was not my
> > interpretation when I read it, but then I may have been reading it
> > with
> > SREG-tinted glasses.
> >
> > If the AX spec really is suggesting that the attributes be exchanged
> > in
> > a separate transaction, then we should totally fix that. AX is
> > supposed
> > to be a superset of the functionality of SREG.
>
> AX works as you think it works Martin.
>
> Peter's comments are confusing to me.
>
> -- Dick
> _______________________________________________
> general mailing list
> general at openid.net
> http://openid.net/mailman/listinfo/general
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-general/attachments/20081201/b5d226b0/attachment-0002.htm>
More information about the general
mailing list