[OpenID] Fwd: [OpenID Foundation] New Poll Opened
Peter Williams
pwilliams at rapattoni.com
Sat Mar 21 19:32:36 UTC 2009
Without the use of vanity site for discovery, there is no means for the user (as in user-centric identity) to express the SSL requirement.
With vanity control, the OP in question can still refuse to participate in SSL (which is fine). IN that case, the RP knows now to pick another OP from the discovered (vanity) list.
> -----Original Message-----
> From: general-bounces at openid.net [mailto:general-bounces at openid.net] On
> Behalf Of Martin Atkins
> Sent: Saturday, March 21, 2009 10:19 AM
> To: Eddy Nigg (StartCom Ltd.)
> Cc: general at openid.net
> Subject: Re: [OpenID] Fwd: [OpenID Foundation] New Poll Opened
>
> The current spec does not say that you must NEVER use SSL, it leaves
> that decision up to the parties involved. Many parties have chosen to
> use SSL because they consider the benefits it brings to be valuable,
> and
> that's fine.
>
>
> _______________________________________________
> general mailing list
> general at openid.net
> http://openid.net/mailman/listinfo/general
More information about the general
mailing list