I wasn't at IIW, so please bear with me.<br><br>In reference to the wiki at <a href="http://openid.net/wiki/index.php/IIW2007a/Identifier_Recycling" target="_blank" onclick="return top.js.OpenExtLink(window,event,this)">
http://openid.net/wiki/index.php/IIW2007a/Identifier_Recycling</a>, can somebody clarify what some of the terminology means? Specific questions are below.<br><br>1.) For URL+Fragment, what is the distinction between "private" and "public"?
<br><br>2.) Ditto For URL+Token (I assume this means a public vs. private token?) <br><br>3.) What does "DE" mean in the "Does not require change to DE"?<br><br>4.) In the "Stolen OP account" header, it appears that all 4 of the proposed methods have problems. However do we really want an identifier to be recycled if an account is stolen (
i.e., what if an account is only stolen for a brief period, but then recovered?)<br><br>4.) What is "Active Recycling"?<br><br>5.) In the "New DB Field" header, doesn't an OP/RP need a new DB field in the fragment scheme, in order to distinguish between the id and the current fragment? Or does the OP/RP simply store the whole URL (fragment included) and parse as necessary?
<br><br>6a.) What is "MO" in "MO Strip Fragment"? <br><br>6b.) What does the "MO Strip Fragment" header mean in general?<br><br><br><br>Thanks!<br><br>David<br>