[OpenID] Why use SREG instead of AX?
George Fletcher
gffletch at aol.com
Fri Jul 10 15:07:27 UTC 2009
One other issue is that AX supports multiple schema and there is
currently no way for the OP to advertise which schema it's using. So an
RP has to build it's own mapping table to know what to send to the OP
when using AX.
Thanks,
George
Andrew Arnott wrote:
> That's one possibility. Another is to have the RP advertise its
> privacy policy in its own XRDS file. While the OP is already
> discovering the RP it can look it up. The advantage to this method is
> that now OPs can send unsolicited assertions to RPs and still know the
> privacy policy URL.
>
> There's been a strong push lately to get the AX extension going with
> some kind of privacy policy URL. Some big people are behind it so I
> imagine it will be fixed soon.
>
> --
> Andrew Arnott
> "I [may] not agree with what you have to say, but I'll defend to the
> death your right to say it." - S. G. Tallentyre
>
>
> On Fri, Jul 10, 2009 at 7:50 AM, David Fuelling <sappenin at gmail.com
> <mailto:sappenin at gmail.com>> wrote:
>
> On Fri, Jul 10, 2009 at 2:42 PM, Andrew Arnott
> <andrewarnott at gmail.com <mailto:andrewarnott at gmail.com>> wrote:
>
> There is actually one feature sreg has that AX doesn't:
> privacy policy URL of the RP.
>
>
> Why can't AX support a privacy policy URL? Is it a matter of not
> having a commonly agreed upon attribute type-name?
>
>
> ------------------------------------------------------------------------
>
> _______________________________________________
> general mailing list
> general at openid.net
> http://openid.net/mailman/listinfo/general
>
More information about the general
mailing list