[OpenID] Problems with OpenID and TAG httpRange-14
Peter Williams
pwilliams at rapattoni.com
Tue Mar 4 18:25:15 UTC 2008
I didnt interpret the text the same way as this:-
"The http://bytesexual.org/ URI works as an OpenID by the specification but the
specificaion also instructs agents to "[canonicalize]" the URI by following the
the 303 redirect and so the OpenID is changed to http://bytesexual.org/about/".
I only normalized the user input. My SP openid engine does not know how many redirects (if any) are followed when locating the HTML page. It simply asks for a discovery resource for a normalized user input, and gets it - or not. If its received, processing continues based only on signals within the (authenticated) discovery data. That the communication layer followed redirects or authentication of the discovery servers used server cert and trust point X,Y ... is not state to be handled, by the openid engine operating in conformig mode.
But I could be wrong. The text is not easy to understand.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-general/attachments/20080304/afdb750a/attachment-0002.htm>
More information about the general
mailing list