[OpenID] Why use SREG instead of AX?
Andrew Arnott
andrewarnott at gmail.com
Fri Jul 10 14:53:21 UTC 2009
That's one possibility. Another is to have the RP advertise its privacy
policy in its own XRDS file. While the OP is already discovering the RP it
can look it up. The advantage to this method is that now OPs can send
unsolicited assertions to RPs and still know the privacy policy URL.
There's been a strong push lately to get the AX extension going with some
kind of privacy policy URL. Some big people are behind it so I imagine it
will be fixed soon.
--
Andrew Arnott
"I [may] not agree with what you have to say, but I'll defend to the death
your right to say it." - S. G. Tallentyre
On Fri, Jul 10, 2009 at 7:50 AM, David Fuelling <sappenin at gmail.com> wrote:
> On Fri, Jul 10, 2009 at 2:42 PM, Andrew Arnott <andrewarnott at gmail.com>wrote:
>
>> There is actually one feature sreg has that AX doesn't: privacy policy URL
>> of the RP.
>>
>
> Why can't AX support a privacy policy URL? Is it a matter of not having a
> commonly agreed upon attribute type-name?
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-general/attachments/20090710/2da7fa62/attachment.htm>
More information about the general
mailing list