[OpenID] [LIKELY_SPAM]Re: [LIKELY_SPAM]Re: Combining Google & Yahoo user experience research
Johnny Bufu
johnny.bufu at gmail.com
Tue Oct 21 16:57:47 UTC 2008
On Tue, Oct 21, 2008 at 08:58:54AM -0700, Andrew Arnott wrote:
> Why do we have to have http(s)://username at mailhost.com at all? It's a funky
> and unnecessary syntax. Why can't an OpenID 3.x RP simply transport
> username at mailhost.com into https://mailhost.com and do discovery on that to
> find the provider endpoint, then use the username in the email as the
> local_id parameter, or alternatively just use directed identity. Since this
> email would be a new support, I'd mandate https.
Agreed, that would be the next logical step, if we were to proceed on
this "least resistance" path.
What I have outlined can work with the current specs and only deployment
tweaks/configuration.
Johnny
More information about the general
mailing list