[OpenID] Delegation leading to new accounts on websites
Johnny Bufu
johnny.bufu at gmail.com
Mon Jul 13 02:55:38 UTC 2009
On 10/07/09 02:49 PM, John Panzer wrote:
> (What practical constraint does this impose on OPs -- which comes down
> to asking, what strings would cause an exception when processed by the
> set of existing RP libraries? Is urn:isbn:0-486-27557-4 okay, for example?)
OPs can use any sort of strings to identify their users.
To be 100% spec compliant, they would have to go through the extra
nuisance of encoding/decoding these identifiers to/from an URL.
The encoding scheme can be a OP internal deployment detail, since no
other party actively processes the local_id's; the URLs do not need to
be dereferenceable either.
If the local_id value happens to coincide with a the user's attribute
and the OP wants to make it available, there other ways to accomplish it
without overloading the local_id.
Johnny
More information about the general
mailing list