[OpenID] Delegation leading to new accounts on websites
Johnny Bufu
johnny.bufu at gmail.com
Fri Jul 10 21:11:01 UTC 2009
On Fri, Jul 10, 2009 at 01:57:37PM -0700, Andrew Arnott wrote:
> I agree that RPs should treat them as opaque strings, but due to the
> constraints in the spec, I can name at least a couple of .NET openid
> libraries that would choke on openid.local_id values if they were not XRIs
> or URIs. I'm *for* loosening this up, but in the meantime, OPs should
> please conform to this constraint to avoid breaking RPs.
I wasn't suggesting that they don't, either. My comments were about the
concerns about being authoritative over some asserted URIs, when in the
case of delegated identifiers nothing of their URI-ness is actually used.
Johnny
More information about the general
mailing list