[OpenID] choosing endpoint after performing discovery on claimed_id from response
James Tindall
james at atomless.com
Tue Jul 22 14:03:29 UTC 2008
Ah, to answer my own (silly?) question - If running in stateless mode
then association would not have been even attempted - so the RP should
be fairly confident that the endpoint to choose is the first in the
priority list?
James Tindall wrote:
> Suppose a relying party is operating under stateless mode. Suppose also
> that the discovery phase for the given claimed_id returned more than one
> endpoint. Then suppose that association attempts failed on at least one
> of the endpoints but then succeeded on one of the other endpoints
> further down the priority order. Then upon receiving the authentication
> (id_res) response from the chosen OP the RP must perform discovery on
> the claimed_id contained in the response in order to be able to verify
> the response data against discovered data. But then if, as is probable,
> the discovery phase again returns more than one endpoint, how is the RP
> to choose which one to verify the response data against?
>
> =james.tindall
>
>
> _______________________________________________
> general mailing list
> general at openid.net
> http://openid.net/mailman/listinfo/general
>
>
More information about the general
mailing list