[OpenID] Backwards Compatibility
SitG Admin
sysadmin at shadowsinthegarden.com
Tue Mar 17 23:15:14 UTC 2009
>Which of the following testing methodologies sounds like the most
>useful at this point in time?
>(a) Reference Implementation to test against
>(b) Conformance test suite with logging, verbose error handling and
>reporting, etc.
>(c) Just a test procedures document that clearly lays out
>interoperability testing per conformance "mode"
I'm inclined to put up a permanent conformance "mode" (URI) hosted
locally (to my RP) called 'auditing': users would be able to log in
with it at any time, and see an informative, step-by-step readout of
what the code was doing. I was thinking about making this
URI-specific, but here's an argument for making it an OpenID
parameter instead: what if someone else is using *my* implementation
to TEST *their* implementation? They don't want to just use what
*I've* set up, they want to know what happens during my interaction
with *their* OP. This is greater transparency, and also leads to more
understanding of the underlying protocol by those using it (which is
not necessarily a good thing, but I believe the increase in overall
understanding will outweigh the increase in overall confusion).
-Shade
More information about the general
mailing list