[OpenID] Calling OpenID 2.0 editors (was RE:Problems withOpenID and TAG httpRange-14)
Noah Slater
nslater at bytesexual.org
Fri Mar 7 03:58:59 UTC 2008
On Thu, Mar 06, 2008 at 02:16:52PM -0800, Johnny Bufu wrote:
> You're arguing under the assumption that the string typed by the user at
> the RP (the User-supplied ID) is also or should be the claimed_id. This
> is not the case per the current OpenID 2.0 definitions.
I realise this, that is why I am emailing the OpenID community. The current
specification is broken as it currently stands.
>> If I claim <http://bytesexual.org/> as my OpenID
>
> You must do that by publishing discovery information at this URL,
> without issuing redirects.
This is false, please see the both the OpenID spec and the HTTP RFC.
>> and this 303s to some place else it is pretty clear what my "claimed
>> id" is,
>
> Yes - the URL after all redirects, unless you use a different definition
> for claimed_id.
False, please see the HTTP RFC I have cited multiple times.
--
Noah Slater <http://bytesexual.org/>
More information about the general
mailing list