[OpenID] wiki.openid.net openid support broken

Wed Oct 21 04:12:49 UTC 2009

I got a response from PBworks.  They say their code doesn't support
delegation (I guess based on Allen's experience that could be qualified as
that they don't support 2.0 delegation but they do support 1.1 delegation)
but that they'll consider it in the future now that I've brought it to their
attention.
--
Andrew Arnott
"I [may] not agree with what you have to say, but I'll defend to the death
your right to say it." - S. G. Tallentyre

On Tue, Oct 20, 2009 at 9:05 PM, Johannes Ernst <jernst+openid.net@
netmesh.us> wrote:

> There is also the issue of your trailing slashes in the link element. Some
> parsers don't quite grok those, particularly when used without a blank
> before the slash.
> (One issue I have been burned with in the past, I forgot which OP).
>
> On Oct 20, 2009, at 20:57, Andrew Arnott wrote:
>
> Wow, that's a great review, James.
> I am convinced that it's Allen's 1.1 endpoint HTML elements whereas I have
> 2.0 elements.  In OpenID 1.1, delegation is entirely managed by the RP
> rather than a concert between RP and OP the way it is in 2.0, so delegation
> was simpler in 1.1 and easier to get right IMO.
> --
> Andrew Arnott
> "I [may] not agree with what you have to say, but I'll defend to the death
> your right to say it." - S. G. Tallentyre
>
>
> On Tue, Oct 20, 2009 at 8:46 PM, Manger, James H <
> James.H.Manger at team.telstra.com> wrote:
>
>>  http://blog.nerdbank.net/ claims to be XHTML but isn’t valid XML. That
>> could be a problem, though http://allentom.com/ also claims to be XHTML
>> but also isn’t valid. They both have lots of unescaped ‘&’ characters so
>> that doesn’t explain the difference, but other XML errors are only in one or
>> the other so that could cause different behaviour.
>>
>> The <meta http-equiv=’X-XRDS-Location’ content=’https://xri…’> element in
>> http://blog.nerdbank.net/ (without a corresponding HTTP header) may be a
>> more significant difference. Are RPs supposed to notice such a <meta>
>> element?
>>
>> Other minor differences: ‘ vs “ to quote OpenID <link> attributes; /> vs >
>> to terminate <link> elements; empty path vs / path on delegate URIs.
>>
>> A more significant difference is that http://blog.nerdbank.net/ includes
>> OpenID v1 and v2 links, while http://allentom.com/ only has v1 links.
>>
>>
>> I am curious about what the actual cause turns out to be.
>>
>>
>>
>> *James Manger*
>> James.H.Manger at team.telstra.com
>> Identity and security team — Chief Technology Office — Telstra
>>
>>
>> *From:* openid-general-bounces at lists.openid.net [mailto:
>> openid-general-bounces at lists.openid.net] *On Behalf Of *Allen Tom
>> *Sent:* Wednesday, 21 October 2009 2:09 PM
>> *To:* Andrew Arnott
>> *Cc:* general
>> *Subject:* Re: [OpenID] wiki.openid.net openid support broken
>>
>>
>> I also delegated my domain to myopenid.com, but I'm able to login to the
>> Wiki using "allentom.com" which has been delegated to
>> "http://atom.myopenid.com/" <http://atom.myopenid.com/>
>>
>> YMMV
>> Allen
>>
>>
>> Andrew Arnott wrote:
>>
>> This is what I sent to pbworks via their contact page:
>>
>>
>> The OpenID login that you have doesn't correctly handle delegation. When I
>> try to log in with http://blog.nerdbank.net/ it sends me to myopenid.comwith an openid.identity value of
>> http://blog.nerdbank.net/ instead of the correct value of
>> http://andrew.arnott.myopenid.com/ This makes it impossible for me to
>> login. Please fix this asap.
>>
>>
>>
>>
>
> _______________________________________________
> general mailing list
> general at lists.openid.net
> http://lists.openid.net/mailman/listinfo/openid-general
>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-general/attachments/20091020/b07566a0/attachment-0001.htm>