[OpenID] Attribute Exchange and HTTP/HTTPS
Zellyn Hunter
zellyn at gmail.com
Fri May 2 19:58:11 UTC 2008
Hi folks,
I'd like to use the attribute exchange extension to send email, street
address, etc. from the OP to the RP. I can get an SSL cert for my OP,
but I can't get SSL certs for all my RPs.
I was thinking I could do the login w/out attribute exchange, and then
use a direct connection from the RP to OP over https to retrieve the
attributes. However, it looks like direct connections are supposed to
be used only for associate and check_authentication: "It is used for
establishing associations (Establishing Associations) and verifying
authentication assertions (Verifying Directly with the OpenID
Provider)." (http://openid.net/specs/openid-authentication-2_0.html#direct_comm).
Any ideas? I'd like to pass the info over using only the OpenID
protocol, not invent another protocol for my own use.
Thanks,
Zellyn Hunter
More information about the general
mailing list