[OpenID] Normalizing claimed identifier (remove the #?)
Nat Sakimura
sakimura at gmail.com
Fri Feb 29 17:08:43 UTC 2008
Read 11.5.1. Identifier Recycling.
The fragment is this.
The full URL with the fragment part constitutes the Claimed Identifier
in positive assertions and you must not strip it off. You have to
distinguish between the claimed identifier in authentication request
and the claimed identifier in the positive assertion. The
normalization is for the claimed identifier in authentication request.
=nat
2008/2/29, Markus Lanthaler <markus at silverstripe.com>:
> Hey all,
>
> I just tested the new Yahoo OpenIDs. It seems that they are appending to all
> their some ID, e.g. https://me.yahoo.com/markus.lanthaler gets
> https://me.yahoo.com/markus.lanthaler#a5b3f. The problem I have is that I
> don't know for what reason that fragment is appended and if I should strip
> it before saving the URL (as it is stated in the spec:
> http://openid.net/specs/openid-authentication-2_0.html#normalization).
>
> That fragment is never shown to the user so it's difficult for an
> administrator to set the OpenIDs for all the users if they cannot tell him
> their full URL.
> Any ideas why they do it that way? Any suggestions how I should handle them?
>
>
> Thanks,
> Markus
>
> _______________________________________________
> general mailing list
> general at openid.net
> http://openid.net/mailman/listinfo/general
>
--
Nat Sakimura (=nat)
http://www.sakimura.org/en/
More information about the general
mailing list